[ previous ] [ next ] [ threads ]
 
 From:  stfuhello <stfuhelloworld at yahoo dot com dot au>
 To:  mono <m0n0wall at lists dot m0n0 dot ch>
 Subject:  monowall HTTP ports on LAN side ?!?!*%# Im a n00b
 Date:  Wed, 12 Oct 2005 16:12:03 +1000
Hi guys iam having a few problems because im a n00b :) . In the 
following paragraph i will be referring to DIAGRAMS  located at 
http://img433.imageshack.us/img433/4404/problem4pk.jpg. What i would 
like to do is delete the LAN "permit any"  , as seen in DIAGRAM A. After 
this i would like to manually create rules to permit each  program 
access to the net and access to other hosts through the LAN rules 
interface. Im doing this to ad an extra layer of security . I thought 
starting off with  HTTP, thinking it would be easy enough. After 
disabling the "permit any" rule on LAN  interface , i tried creating a 
lan rule to alow http on LAN  and net but to no avail. I tried adding 
default HTTP rules , to everything... but i still couldnt acces the net 
with my browser. I then thought well i will  enable the "permit any" 
rule (DIAGRAM A) and log traffic to see whats happening. I cleared all 
previous firewall logs then opened my browser. The logged traffic is 
highlighted as DIAGRAM D. Ive also added NAT interface and WAN rules 
interface in DIAGRAMS B+C  incase im making some monumental mistake/s.  
Could someone please show me how to create the a relatively specific (as 
opposed to "permit any")  HTTP rule/s on the LAN rules interface to 
access the net and other hosts on the LAN.



Thank You

Send instant messages to your online friends http://au.messenger.yahoo.com