Re: [m0n0wall] LAN+WAN+OPT Filtering Issue

From:	Chris Buechler <cbuechler at gmail dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] LAN+WAN+OPT Filtering Issue
Date:	Sat, 20 Aug 2005 19:00:32 -0400

On 8/20/05, Tim Roberts <monowall at dsslink dot net> wrote:
> OK, so I gave up trying to bridge WAN to OPT and filter both WAN/OPT traffic as well as WAN/LAN
traffic. I just simply added a thrid private space on the OPT and now NAT 1:1 to both servers on the
OPT and servers on the LAN interface. I still cant control what comes in and out from LAN to OPT
though. Should I be able too? I have no issuse from LAN---->WAN, WAN---->LAN, OPT---->WAN,
WAN---->OPT but from my LAN to OPT things flow through no matter what.
> 

Sounds like any rules you're adding on the LAN are below the default
any to any rule on the LAN interface, so the traffic hits that allow
any rule and gets passed regardless.

If that's not the case, post back with your LAN firewall rules.  

-Chris