[ previous ] [ next ] [ threads ]
 
 From:  Its Azfar <azfarhusain at yahoo dot com>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Disable default NAT and mappings
 Date:  Sat, 6 Aug 2005 01:00:07 -0700 (PDT)
Listen as I already mentioned that I have three
interface. WAN (public), LAN (private) and OPT1
(public).

I have three rules one on each interface in ipfilter
that are allowing any to any. One Outbound NAT rule
for my LAN clients. Advanced outbound NAT is also
checked in outbound NAT.

LAN clients can access internet buy using NAT but OPT1
clients cant access internet.

When I bridge OPT1 with WAN then with filter bridged
traffic disabled OPT1 clients can acccess internet.
But I want to enable firewall on it and as soon I
enable filter bridged traffic internet stop working on
OPT1 clients.

When I check firewall logs in any condition it show to
much traffic is blocking by default rules.

Its look like dafualt rules are causing problem and I
simply want to disable them perminantly and want two
rules as follow.

pass in quick all
pass out quick all

or 

pass in all
pass out all

Now what do you say for it.

--- Chris Buechler <cbuechler at gmail dot com> wrote:

> On 8/5/05, Its Azfar <azfarhusain at yahoo dot com> wrote:
> > "the only way todo it is modifying the
> > /etc/inc/filter.inc php source code"
> > 
> > should I edit this file before installation in the
> > image file or after committing the installation.
> > how to acheive this ?
> > 
> 
> What are you trying to accomplish?  You almost
> certainly don't have to
> edit that file to have a properly working system.
> 
> -Chris
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com