Hello everyone,

I am currently evaluating m0n0wall as a possible replacement for my current firewall, and I have a question regarding the ipf rules generated by the GUI for m0n0wall. My current testing involves two m0n0wall boxes running on VMWare. For one of the m0n0wall boxes, the DNS and NTP services are on the "LAN interface" network. While DNS queries seem OK, all NTP queries are being blocked by ipf even though the source and destination IP addresses are the same.

It's been about three years since I last used ipf (I switched to ipfw, then to pf on FreeBSD when I gave up on trying to get ipfilter and KAME to play nice together on my FreeBSD firewall), but I recall that all the rules in an ipf rule set are directional (i.e. rules can be INBOUND or OUTBOUND on an interface). It would seem that there is a hidden rule that allows outbound DNS queries on the LAN interface but not NTP queries.

First: is my theory of "hidden rules" correct?

Second: if so, is there some way to view or edit these rules in the GUI (if not, a "view hidden rules" check box, a la Checkpoint, would be really neat)?

Third: is there a way to "manually" edit any default/hidden rules? They do not appear in the config.xml file.

Thanks!
Ian
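To illustrate the directional behaviour Ian describes, here is a small hypothetical ipf ruleset. It is an added example, not m0n0wall's generated rules and not code from the original post; the interface name lan0, the firewall address 192.168.1.1 and the server address 192.168.1.53 are assumptions. It shows how a stateful "pass out" rule for UDP port 53 lets the firewall's own DNS queries (and their replies) through while an NTP query to the very same host falls through to the default block, because no rule mentions port 123.

```ipf
# Hypothetical ipf ruleset (assumed names: lan0 = LAN interface,
# 192.168.1.1 = firewall, 192.168.1.53 = DNS/NTP server on the LAN).
# ipf evaluates "in" and "out" rules separately per interface; a match in one
# direction implies nothing about the other unless "keep state" creates it.

# Default deny in both directions on every interface, logged.
block in  log all
block out log all

# Firewall's own DNS queries leaving lan0 towards the LAN server.
# "keep state" admits the matching reply on the way back in, so no
# explicit "pass in" for the answer is needed.
pass out quick on lan0 proto udp from 192.168.1.1 to 192.168.1.53 port = 53 keep state

# LAN clients talking to the firewall itself (inbound on lan0).
pass in quick on lan0 proto udp from 192.168.1.0/24 to 192.168.1.1 port = 53 keep state

# An NTP query from 192.168.1.1 to 192.168.1.53 port 123 has the same
# source and destination addresses as the DNS rule above, but port 123 is
# not matched by any "pass out" rule, so it hits "block out log all" on lan0.
# Adding the following rule would admit it:
# pass out quick on lan0 proto udp from 192.168.1.1 to 192.168.1.53 port = 123 keep state
```

On a FreeBSD host running ipf, the rules actually loaded in the kernel (whatever the GUI or config file shows) can be listed with `ipfstat -io`, which prints the active outbound and inbound rule lists; this is the usual way to confirm whether a rule like the commented-out NTP line is present and in which direction it applies.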