Yes, I can connect to external machines on port 25. Notice, however,
that this error is coming FROM port 25 on our internal mail server,
which tells me it is a response to an inbound connection. Our server is
way overpowered for the number of users that we have and I don't expect
it to be losing packets. These blocked packets are only sporadic and I
have not yet noticed any issue with the mail server. But, it does
concern me that I don't understand why anything from the LAN would be
blocked to the WAN when I have an allow all rule?
| Jeff Scott | IT Administrator | Padcom, Inc. |
| Office: 484-893-6259 | Fax: 484-893-6350 |
| jscott at padcomusa dot com | www.totalroam.com |
From: news [mailto:news at sea dot gmane dot org] On Behalf Of Ugo Bellavance
Sent: Tuesday, August 02, 2005 11:01 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Re: m0n0 blocking outbound packets from email
Jeff Scott wrote:
> Hi all,
> New m0n0wall user here! I've been testing it for several months and
> have just put it into production. Great Software!
> Right now I am allowing all traffic outbound from the LAN. I'm
> concerned about traffic that I am seeing blocked in the logs. I am
> seeing packets (seems to be always ack packets) from our internal mail
> server being blocked from the LAN. Here is an example:
> "08:08:39.146673 xl0 @0:22 b 10.47.0.20,25 -> 22.214.171.124,31108 PR tcp
> len 20 44 -AS IN"
> I am using 1:1 NAT for the internal mail server. I checked the Status
> page and confirmed that @0:22 corresponds to the following rule:
> "@22 block in log quick proto tcp from any to any"
> My question is: If I have an allow all rule outbound from the LAN
> interface, why is this packet being blocked at all?
> Thanks everyone,
Can you actually connect to port 25 on an external machine? If yes,
this is probably a packet that was lost and re-sent. Normal.
-> Please don't send a copy of your reply by e-mail. I read the list.
-> Please avoid top-posting, long signatures and HTML, and cut the
irrelevant parts in your replies.
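
An added example, not part of the original thread: a small Python parser for ipmon entries like the one quoted above, which reads the TCP flags (`-AS` is SYN+ACK) and groups blocked packets by source, source port, rule and handshake stage. The function names are hypothetical, and the second and third sample entries are constructed for contrast (documentation addresses, invented rule number 5).

```python
import re
from collections import Counter

# ipmon layout: time iface @group:rule action src,port -> dst,port PR proto len hlen pktlen -FLAGS dir
LINE_RE = re.compile(
    r"(?P<time>\d\d:\d\d:\d\d\.\d+) (?P<iface>\S+) @(?P<group>\d+):(?P<rule>\d+) "
    r"(?P<action>\S+) (?P<src>[\d.]+),(?P<sport>\d+) -> (?P<dst>[\d.]+),(?P<dport>\d+) "
    r"PR (?P<proto>\S+) len (?P<hlen>\d+) (?P<pktlen>\d+)(?: -(?P<flags>[A-Z]+))? (?P<dir>IN|OUT)"
)

def parse(entry):
    """Parse one ipmon entry; whitespace is collapsed so mail-wrapped lines still match."""
    m = LINE_RE.search(" ".join(entry.split()))
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("group", "rule", "sport", "dport", "hlen", "pktlen"):
        rec[key] = int(rec[key])
    rec["flags"] = frozenset(rec["flags"] or "")
    return rec

def tcp_stage(rec):
    """Name the point in the TCP conversation that the logged flags indicate."""
    flags = rec["flags"]
    if rec["proto"] != "tcp":
        return "not tcp"
    if flags == {"S"}:
        return "SYN: opening a new connection"
    if flags == {"S", "A"}:
        return "SYN+ACK: answering someone else's SYN"
    if "R" in flags:
        return "RST: aborting"
    if "F" in flags:
        return "FIN: closing"
    return "established traffic"

def blocked_summary(entries):
    """Count blocked packets per (source, source port, rule, TCP stage)."""
    recs = [r for r in map(parse, entries) if r and r["action"] == "b"]
    return Counter((r["src"], r["sport"], r["rule"], tcp_stage(r)) for r in recs)

SAMPLE = [
    # Entry quoted in the thread, including the line wrap added by the mail client.
    "08:08:39.146673 xl0 @0:22 b 10.47.0.20,25 -> 22.214.171.124,31108 PR tcp\nlen 20 44 -AS IN",
    # Constructed entries for contrast (documentation addresses, invented rule number 5).
    "08:08:41.000100 xl0 @0:5 p 10.47.0.31,40112 -> 192.0.2.10,25 PR tcp len 20 48 -S IN",
    "08:09:02.500000 xl0 @0:22 b 10.47.0.20,25 -> 198.51.100.7,52044 PR tcp len 20 40 -AF IN",
]

if __name__ == "__main__":
    for key, count in blocked_summary(SAMPLE).items():
        print(count, *key)
```

Run over a full log, the summary shows whether the blocks on rule 22 are all handshake replies from port 25 or a mix of stages.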