New m0n0wall user here! I've been testing it for several months and
have just put it into production. Great Software!
Right now I am allowing all traffic outbound from the LAN. I'm
concerned about traffic that I am seeing blocked in the logs. I am
seeing packets (seems to be always ack packets) from our internal mail
server being blocked from the LAN. Here is an example:
"08:08:39.146673 xl0 @0:22 b 10.47.0.20,25 -> 22.214.171.124,31108 PR tcp
len 20 44 -AS IN"
I am using 1:1 NAT for the internal mail server. I checked the Status
page and confirmed that @0:22 corresponds to the following rule:
"@22 block in log quick proto tcp from any to any"
My question is: If I have an allow all rule outbound from the LAN
interface, why is this packet being blocked at all?