[ previous ] [ next ] [ threads ]
 
 From:  Dave Warren <maillist at devilsplayground dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Block private networks
 Date:  Sat, 05 Mar 2005 01:26:45 -0700
Question about the "block private networks" setting.  What exactly does 
this do in terms of the firewall rules it creates?

The reason I ask, I've noticed that even with this option enabled I can 
access a web server at http://192.168.100.1/ -- The webserver is part of 
the SURFboard modem I'm using, so it's existence isn't unwanted, but it 
made me curious why this works.

I'm guessing that the rule that allows stateful connections is above the 
rule which blocks traffic from private networks, and that there is 
nothing similar blocking outbound traffic.

Is this correct?

Do the rules added by the block private networks option appear above my 
user-defined rules?

-- 
If you can remain calm, you just don't have all the facts.