[ previous ] [ next ] [ threads ]
 
 From:  Vincent Fleuranceau <vincent at bikost dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Firewall is not working
 Date:  Thu, 03 Feb 2005 17:19:45 +0100
> I want to block packets coming from clients on the LAN (notebook &
> server) going to the m0n0wall box.
> 
> I.E i want to stop 10.0.2.5 from accessing m0n0wall's web gui
> configuration page, which is why i put in the "block TCP from 10.0.2.5
> to *". I know this is a very broad rule just to stop https, but I
> started off with a rule to block just the specific port and it did not
> work, thats why i broadend it to all hosts/ports.

There's a hard-coded rule that always allow LAN hosts to access m0n0wall 
   (LAN interface).

See:
http://m0n0.ch/wall/list/?action=show_msg&actionargs[]=91&actionargs[]=22

Fortunately, starting with m0n0wall version 1.2b1 (beta), the webGUI 
anti-lockout rule on LAN can be disabled (System: Advanced page).

Be very carefull when playing with this option: don't lock yourself out 
of the WebGUI. You've been warned!

Cheers,

-- Vincent