 
 From:  "Keith Redfield" <kredfield at airsurfwireless dot com>
 To:  "Kev Latimer" <kev at ne23 dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Default rule blocking everything on OPT1!
 Date:  Mon, 31 Jan 2005 20:40:14 -0800
I had this same problem a few posts ago... a bad static route was the cause. Remove them, start over
maybe.
 
-K

________________________________

From: Kev Latimer [mailto:kev at ne23 dot net]
Sent: Mon 1/31/2005 5:36 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Default rule blocking everything on OPT1!



I am tearing my hair out here.

Going right back to the basic troubleshooting and not even documenting
the end goal... I have a m0n0 with OPT1 interface which is attached to
an ADSL router on a /30.  I can ping out of it fine, setting a static
route to a host to make sure it goes out of the right interface.  I can
ping the IP of the ADSL router from other hosts.  However, no matter
what rules I set up, I always see it blocked in the firewall log.  I
have a rule on WAN to let everything pass to OPT1 subnet (as suggested
ages ago to get it to work as an IPSEC VPN endpoint).

I have used several rules, individually and combined, on OPT1 to let
everything through, to let ICMP through the IP of OPT1 and several other
attempts.  I have moved these rules to the WAN interface where they do
exactly as I expect, moving them back to OPT1 has absolutely no effect -
any traffic I want to be dealt with on OPT1 is just blocked.

I know it's the default rule doing this because when I tell the logs to
stop logging stuff blocked by the default rule, they stop appearing...

I already have another m0n0 doing exactly this role which works fine and
the configs seem identical (hardware aside).

If anybody has any ideas or knows of any bugs in the rule ordering and
knows how to get around this, please help me, I'm absolutely baffled!

Cheers,

Kev
