On 8/2/05, Jeff Scott <jscott at padcomusa dot com> wrote:
>
> Thanks Chris,
>
> I did see this FAQ. And I would understand if the packet being dropped
> is inbound from the Internet. But, this packet is outbound from our
> LAN.

Others around here who are far more knowledgeable of IPfilter internals than I say that explanation is a cop out; there are actually bugs that tear down sessions before they should be in some circumstances.

Regardless, it's nothing to worry about. It isn't going to cause problems.

>
> Unless what you're telling me is because the session was originally
> initiated from the WAN, m0n0wall ignores the outbound rules and only
> pays attention to the state table and/or NAT table? Is that true?

It is indeed.

> If
> so, is there any documentation on the processing order of packets in
> m0n0wall?
>

See the raw ipfilter rules on status.php and read the ipfilter docs. I don't have time to look right now to refresh my memory, but basically it only allows new connections outbound from the LAN through rules on the back end. Any replies will be permitted by the existing states.

-Chris