[ previous ] [ next ] [ threads ]
 From:  "Jeff Scott" <jscott at padcomusa dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Re: m0n0 blocking outbound packets from email server?!?!
 Date:  Tue, 2 Aug 2005 11:35:47 -0400
Yes, I can connect to external machines on port 25.  Notice however,
that this error is coming FROM port 25 on our internal mail server.
Which tells me it is a response to an inbound connection.  Our server is
way overpowered for the number of users that we have and I don't expect
it to be losing packets.  These blocked packets are only sporadic and I
have not yet noticed any issue with the mail server.  But, it does
concern me that I don't understand why anything from the LAN would be
blocked to the WAN when I have an allow all rule?

|  Jeff Scott   |  IT Administrator   |  Padcom, Inc.  |
|  Office: 484-893-6259   |  Fax: 484-893-6350  |
|  jscott at padcomusa dot com   |  www.totalroam.com  |

TotalRoam(r) - Patented Software for Secure, Continuous Connectivity
EASY - Affordable upgrade adds network roaming for Proud to Serve
customers. Find out how. (sales at padcomusa dot com)
NOW - Sign up to demo TotalRoam(r) with FIPS 140-2 validated encryption
today! (http://www.totalroam.com/totalroam-trial)

-----Original Message-----
From: news [mailto:news at sea dot gmane dot org] On Behalf Of Ugo Bellavance
Sent: Tuesday, August 02, 2005 11:01 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Re: m0n0 blocking outbound packets from email

Jeff Scott wrote:
> Hi all,
> New m0n0wall user here!  I've been testing it for several months and 
> have just put it into production.  Great Software!
> Right now I am allowing all traffic outbound from the LAN.  I'm 
> concerned about traffic that I am seeing blocked in the logs.  I am 
> seeing packets (seems to be always ack packets) from our internal mail

> server being blocked from the LAN.  Here is an example:
> "08:08:39.146673 xl0 @0:22 b,25 ->,31108 PR tcp

> len 20 44 -AS IN"
> I am using 1:1 NAT for the internal mail server.  I checked the Status

> page and confirmed that @0:22 corresponds to the following rule:
> "@22 block in log quick proto tcp from any to any"
> My question is:  If I have an allow all rule outbound from the LAN 
> interface, why is this packet being blocked at all?
> Thanks everyone,
> Jeff

Can you actually connect to port 25 on an external machine?  If yes,
this is probably a packet that was lost and re-sent.  Normal.


-> Please don't send a copy of your reply by e-mail.  I read the list.
-> Please avoid top-posting, long signatures and HTML, and cut the
irrelevant parts in your replies.

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch