|
||||||||
> I want to block packets coming from clients on the LAN (notebook & > server) going to the m0n0wall box. > > I.E i want to stop 10.0.2.5 from accessing m0n0wall's web gui > configuration page, which is why i put in the "block TCP from 10.0.2.5 > to *". I know this is a very broad rule just to stop https, but I > started off with a rule to block just the specific port and it did not > work, thats why i broadend it to all hosts/ports. There's a hard-coded rule that always allow LAN hosts to access m0n0wall (LAN interface). See: http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=91&actionargs[]=22 Fortunately, starting with m0n0wall version 1.2b1 (beta), the webGUI anti-lockout rule on LAN can be disabled (System: Advanced page). Be very carefull when playing with this option: don't lock yourself out of the WebGUI. You've been warned! Cheers, -- Vincent |