On 6/25/05, Cvetomir Conev <cvetomirconev at gmail dot com> wrote:
> I've setup everything and it works like a charm. But I want to close
> the ports (HTTP, DNS, etc.) of my m0n0wall on the optional interface,
> because it's sorts of public network. First I thought that they will
> be closed by default, but they weren't. I've tried to set up explicit
> rules on the optional interface to block them, but with no success.
Sounds like you have a permit any to any rule on the OPT interface.
The reason the block rules didn't do anything is probably because they
came after (below) the permit rule. Move them above, or change the
default any to any rule, and things will work.