Re: [m0n0wall] Firewall question

From:	Manuel Kasper <mk at neon1 dot net>
To:	"Christopher M. Iarocci" <iarocci at eastendsc dot com>
Cc:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Firewall question
Date:	Fri, 14 Nov 2003 18:12:58 +0100

On 14.11.2003, at 18:05, Christopher M. Iarocci wrote:

> Can anyone explain why I get the following entries in my firewall log 
> when I
> clearly have a rule that allows all outbound traffic from my LAN 
> interface?
> I see it from time to time, and don't really understand it because I 
> guess I
> don't understand all the codes at the end of the line.
>
>  12:00:23.058836 2x rl0 @200:33 p 192.168.2.199,5061 -> 
> 12.144.47.27,5060 PR
> udp len 20 301 K-S K-F IN

... @200:33 p 192.168... ---> p = pass

> rules, nor do I have any block rules for the VPN lans.  I'm hoping the 
> rules
> for the VPN allows all traffic through the tunnel, but the below log 
> entry
> clearly shows a packet being blocked.

No, it shows a packet being passed. :) Not sure why these show up, 
though. By default, only blocked packets are logged.

- Manuel