[ previous ] [ next ] [ threads ]
 
 From:  =?iso-8859-1?Q?Bj=F6rn?= =?iso-8859-1?Q?_P=E5lsson?= <bjorn at networksab dot com>
 To:  "Sergei Kostigoff" <sergei at kostigoff dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] icmp echo
 Date:  Sat, 03 Jan 2004 15:13:45 +0100 
>
>> Just add a filter rule like this:
>> 
>> Action: Pass
>> Interface: WAN
>> Protocol: ICMP
>> Source: any
>> Destination: your m0n0wall WAN IP address (you'll have to use any if 
>> it's dynamic - ugly, I know)
>> 
>Manuel,
>
>Thank you for prompt reply. And again, thank you personally for all your 
>efforts. (Not all commercial products may compete , especially in 
>intuitive interface, but few :)
>
>I have tried this yesterday with no success, and after your message tried 
>again (thinking I've missed something) with no success. Maybe it is 
>something with my ISP... log of the internal net of the ISP ping is 
>below... One of friends on internal provider's net did ping for me
>
>[msh@msh msh]$ ping 10.x.144.192
>PING 10.x.144.192 (10.x.144.192) 56(84) bytes of data.
> 
>--- 10.x.144.192 ping statistics ---
>4 packets transmitted, 0 received, 100% packet loss, time 3017ms
>
>where 10.x.144.192 is DHCP assigned IP for my WAN card.
>

This will never work because of the RFC states that 10.0.0.0/8 is a
non-public block. Only if your friend is in the same netblock on the same
ISP, this will work. On top of that, the m0n0-wall blocks traffic to the
10.0.0.0/8 and 192.168/16 on the WAN interface by default.

// Björn