[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Still having issues!
 Date:  Mon, 4 Jul 2005 14:25:42 -0400
On 7/2/05, henry <henry at ttcomaha dot com> wrote:
> Hi I needed to add secondary IP address to my internal LAN, Which I was able to do with the
shellcmd in the config.xml.  If I do a ifconfig from the exec.php I see all of the IP addresses and
I can ping those addresses from the default lan.  The problem lies in vreating the rules.  No matter
what I do everything is denied coming from the networks of the subinterfaces.  IE.  The primary
network is and I have a rule 'LAN all prot. to any allow' and that works
fine. Now if I add the rule for the secondary network 'LAN all to any' the firewall
blocks everything coming from

antispoofing rules dropping it.  a static route on the LAN interface
will open up the antispoofing rules to allow that subnet on the LAN
interface (though the route itself is unnecessary).  Probably will
also need advanced outbound NAT after that.