|
||||||||||
----- Original Message ----- From: "Manuel Kasper" <mk at neon1 dot net> To: "Christopher M. Iarocci" <iarocci at eastendsc dot com> Cc: <m0n0wall at lists dot m0n0 dot ch> Sent: Friday, November 14, 2003 12:12 PM Subject: Re: [m0n0wall] Firewall question > On 14.11.2003, at 18:05, Christopher M. Iarocci wrote: > > > Can anyone explain why I get the following entries in my firewall log > > when I > > clearly have a rule that allows all outbound traffic from my LAN > > interface? > > I see it from time to time, and don't really understand it because I > > guess I > > don't understand all the codes at the end of the line. > > > > 12:00:23.058836 2x rl0 @200:33 p 192.168.2.199,5061 -> > > 12.144.47.27,5060 PR > > udp len 20 301 K-S K-F IN > > ... @200:33 p 192.168... ---> p = pass > > > rules, nor do I have any block rules for the VPN lans. I'm hoping the > > rules > > for the VPN allows all traffic through the tunnel, but the below log > > entry > > clearly shows a packet being blocked. > > No, it shows a packet being passed. :) Not sure why these show up, > though. By default, only blocked packets are logged. Maybe it is because I have port 5060 mapped to the internal address of 192.168.2.199? Just a guess, don't know. Thanks for the info though. Now I can rest easier. :-) All this time I was thinking they were blocked packets. Chris |