 From:  "Alexander Piccardi" <piccardi at gmx dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  monowall problem with viruspattern update
 Date:  Fri, 24 Jun 2005 10:56:10 +0200 (MEST)
Hi !

I have tested some features of 1.2b9 which I cannot understand:

Until now I have used monowall as an accesspoint at home, using pptp on wan.
This was working pretty fine. In the last few days I have made some other
tests and now I am a little bit confused:

1) Traffic shaper: I have used the wizard to create the rules. I have an
internet connection with about 100kbyte download per second and 25 kbyte
upload. After initialisation traffic shaper limited a download with 29,8
kbyte though there was no other traffic at all. Does anyone know what
happened? This was no problem of the ftp-Server because after removing
traffic shaper, connection was running on full speed.

2) for analysis of my internal dataflow I have set up an old pc (P3,
800MHz) with the 1.2b9 cd-image. There something strange was happening.
Though nearly everything was allowed in the two networks I had problems with
the virus scanner. This scanner uses for the contact to a command-console a
lot of ports (137-139, 3000-3050, 5005-5150 and perhaps some more). It was
strange, that I could find on port 137 to 139 incoming and outgoing traffic.
But it was much more strange, that the outgoing traffic on port 139 was
blocked, though there was no blocking rule. It seems, that in internal mode
(WAN=DHCP, LAN=isolated network) some hidden rules are active. Who knows more
about this behavior? Are the rules also used to internet?


