 
 From:  Mathias Burén <mathias dot buren at gmail dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] let traffic in to m0n0wall?
 Date:  Fri, 18 Feb 2005 04:49:11 +0100
Sorry, forgot to include one thing.. In logs, firewall I see this:

02:47:42.187836 	WAN 	130.243.52.250, port 35591 	217.209.15.120, port 113 	TCP
02:47:38.988414 	WAN 	130.243.52.250, port 35591 	217.209.15.120, port 113 	TCP
02:47:35.788931 	WAN 	130.243.52.250, port 35591 	217.209.15.120, port 113 	TCP
02:47:32.790479 	WAN 	130.243.52.250, port 35591 	217.209.15.120, port 113 	TCP

It drops them! Hm!



<mathias dot buren at gmail dot com> wrote:
> Nothing with port 113 is NAT:ed.
> Under firewall > rules > wan:
> 
>  TCP/UDP         *       113     *       113     let in port 113
> 
> But it doesn't work. I can access port 113 on the m0n0wall box from
> within LAN but not from the outside in (sshing to a box, portscanning,
> telneting etc). Any ideas?
> 
> 
> On Thu, 17 Feb 2005 22:15:24 -0500, Chris Buechler <cbuechler at gmail dot com> wrote:

> > <mathias dot buren at gmail dot com> wrote:
> > > Hi, I have oidentd running inside the m0n0wall box now, and I'd like
> > > to not forward, but just let in traffic coming in from wan on any port
> > > and any IP address, that has the destination port 113, in to the
> > > m0n0wall computer itself. In short, if packet has destination port
> > > 113, don't forward it, let oidentd take it (which is running on the
> > > m0n0wall box). How can I do this?
> > >
> >
> > Should just be able to add a rule on the WAN interface permitting 113
> > to the WAN IP, or if the WAN is DHCP, permit it to any (same effect,
> > as long as you don't put in inbound NAT rule matching 113).
> >
> > -Chris
> >
> 
--
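
An added example, not part of the original thread: it replays the logged packets from the message above against the posted WAN rule in a simplified pass-or-drop model. It assumes the rule's columns read Proto, Source, Port, Destination, Port, Description (the message does not label them); the function names are hypothetical.

```python
import re

# Log entries copied from the message above.
LOG = """\
02:47:42.187836 WAN 130.243.52.250, port 35591 217.209.15.120, port 113 TCP
02:47:38.988414 WAN 130.243.52.250, port 35591 217.209.15.120, port 113 TCP
02:47:35.788931 WAN 130.243.52.250, port 35591 217.209.15.120, port 113 TCP
02:47:32.790479 WAN 130.243.52.250, port 35591 217.209.15.120, port 113 TCP
"""

LINE = re.compile(
    r"(?P<time>\S+)\s+(?P<iface>\S+)\s+(?P<src>[\d.]+), port (?P<sport>\d+)\s+"
    r"(?P<dst>[\d.]+), port (?P<dport>\d+)\s+(?P<proto>\S+)"
)

def parse_log(text):
    """Turn each firewall log line into a dict with integer ports."""
    packets = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            pkt = m.groupdict()
            pkt["sport"], pkt["dport"] = int(pkt["sport"]), int(pkt["dport"])
            packets.append(pkt)
    return packets

def field_ok(want, got):
    """'*' matches anything; otherwise require equality."""
    return want == "*" or want == got

def rule_matches(rule, pkt):
    """A rule matches only if protocol and all four address/port fields match."""
    return (pkt["proto"] in rule["proto"].split("/")
            and field_ok(rule["src"], pkt["src"])
            and field_ok(rule["sport"], pkt["sport"])
            and field_ok(rule["dst"], pkt["dst"])
            and field_ok(rule["dport"], pkt["dport"]))

def verdict(rules, pkt):
    """Any matching pass rule lets the packet in; unmatched packets drop."""
    return "pass" if any(rule_matches(r, pkt) for r in rules) else "drop"

# The rule as posted, under the ASSUMED column order (source port = 113).
POSTED = {"proto": "TCP/UDP", "src": "*", "sport": 113, "dst": "*", "dport": 113}
# Same rule with the source port left open, destination port still 113.
ANY_SPORT = dict(POSTED, sport="*")

if __name__ == "__main__":
    for pkt in parse_log(LOG):
        print(pkt["time"], verdict([POSTED], pkt), verdict([ANY_SPORT], pkt))
```

Under the assumed column order, every logged packet arrives from source port 35591, so a rule that pins the source port to 113 never matches it, while the same rule with an open source port does.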