Jeff Scott wrote:
> Hi all,
>
> New m0n0wall user here! I've been testing it for several months and
> have just put it into production. Great Software!
>
> Right now I am allowing all traffic outbound from the LAN. I'm
> concerned about traffic that I am seeing blocked in the logs. I am
> seeing packets (seems to be always ack packets) from our internal mail
> server being blocked from the LAN. Here is an example:
>
> "08:08:39.146673 xl0 @0:22 b 10.47.0.20,25 -> 206.80.20.3,31108 PR tcp
> len 20 44 -AS IN"
>
> I am using 1:1 NAT for the internal mail server. I checked the Status
> page and confirmed that @0:22 corresponds to the following rule:
>
> "@22 block in log quick proto tcp from any to any"
>
> My question is: If I have an allow all rule outbound from the LAN
> interface, why is this packet being blocked at all?
>
> Thanks everyone,
>
> Jeff
>
Can you actually connect to port 25 on an external machine? If yes,
this is probably a packet that was lost and re-sent. Normal.
--
Ugo
-> Please don't send a copy of your reply by e-mail. I read the list.
-> Please avoid top-posting, long signatures and HTML, and cut the
irrelevant parts in your replies.
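
An added example, not part of the original thread or of m0n0wall: a small parser for log lines shaped like the one quoted above. It decodes the TCP flags (`-AS` is SYN+ACK) and marks blocked packets that look like replies from a local service, the kind of entry the reply above describes as normal. The field layout is inferred from the single quoted line; the function names, the heuristic and the second sample line are assumptions made for illustration.

```python
import re

# Layout inferred from the one log line quoted in the thread (assumption):
# time iface @group:rule action src,sport -> dst,dport PR proto len hlen plen -FLAGS dir
LINE_RE = re.compile(
    r"(?P<time>\S+)\s+(?P<iface>\S+)\s+@(?P<group>\d+):(?P<rule>\d+)\s+"
    r"(?P<action>\S+)\s+(?P<src>[\d.]+),(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>[\d.]+),(?P<dport>\d+)\s+PR\s+(?P<proto>\S+)\s+"
    r"len\s+(?P<hlen>\d+)\s+(?P<plen>\d+)\s+-(?P<flags>[A-Z]*)\s+(?P<dir>IN|OUT)"
)
FLAG_NAMES = {"S": "SYN", "A": "ACK", "F": "FIN", "R": "RST", "P": "PSH", "U": "URG"}

def parse_line(line):
    """Parse one log line (wrapped lines are re-joined first); None if no match."""
    m = LINE_RE.search(" ".join(line.split()))
    if not m:
        return None
    rec = m.groupdict()
    for key in ("group", "rule", "sport", "dport", "hlen", "plen"):
        rec[key] = int(rec[key])
    rec["flags"] = sorted(FLAG_NAMES[f] for f in rec["flags"] if f in FLAG_NAMES)
    return rec

def looks_like_server_reply(rec):
    """Heuristic (assumption): a blocked TCP packet with ACK set, sent from a
    low service port to a high client port, is a reply that matched no state
    entry rather than a new outbound connection."""
    return (rec["action"] == "b" and rec["proto"] == "tcp"
            and "ACK" in rec["flags"]
            and rec["sport"] < 1024 <= rec["dport"])

# First entry is the line quoted in the thread; the second is constructed.
SAMPLE = [
    "08:08:39.146673 xl0 @0:22 b 10.47.0.20,25 -> 206.80.20.3,31108 PR tcp\n"
    "len 20 44 -AS IN",
    "08:09:02.000001 xl0 @0:22 b 10.47.0.31,40112 -> 192.0.2.10,6667 PR tcp len 20 48 -S IN",
]

def triage(lines):
    """Return (src, sport, flags, is_reply) for every parsable line."""
    recs = [r for r in map(parse_line, lines) if r]
    return [(r["src"], r["sport"], r["flags"], looks_like_server_reply(r)) for r in recs]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row)
```

Entries marked `True` are candidates for retransmitted or late replies; a blocked bare SYN from a client port, like the constructed second line, is a different case and worth checking against the LAN rules.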