 From:  "Tarun Kundhi" <tkundhi at inebraska dot com>
 To:  "Garrett" <glc at c dash email dot com>, "m0n0wall list" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Firewall Rules
 Date:  Fri, 28 Oct 2005 16:10:58 -0500
You still need the following on the OPT1 interface.

pass | * | 172.31.101.2 | * | 172.31.101.10 | * | allow pc on lan access to pocket_pc

t.

----- Original Message ----- 
From: "Garrett" <glc at c dash email dot com>
To: "Lee Sharp" <leesharp at hal dash pc dot org>
Cc: "m0n0wall" <m0n0wall at lists dot m0n0 dot ch>
Sent: Friday, October 28, 2005 3:58 PM
Subject: Re: [m0n0wall] Firewall Rules


> To clarify....
>
> page: Firewall: Rules
>
> OPT1 tab (1 rule)
> Action: Pass
> Proto: any
> Source: 172.31.101.10 (IP of PocketPC)
> Port: any
> Dest: 172.31.101.2 (IP of PC)
> Port: any
>
> ^ Permits access from the Pocket PC on OPT1 to a PC on LAN
>
> ***All other traffic is blocked***
>
> LAN tab (2 rules, in order)
> Action: Block
> Proto: any
> Source: not (!) 172.31.101.2 (IP of PC allowed to communicate w/PocketPC)
> Port: any
> Dest: OPT1 net (172.31.101.8/29)
> Port: any
>
> ^ Blocks all but one host on LAN from accessing any hosts on OPT1
>
> bottom rule (automatically created):
> Proto: any
> Source:  LAN net
> Port: any
> Dest: any
> Port: any
> Desc: Default LAN -> any
>
> ^ Permits any traffic which makes it past top rule
>
>
> Does that look right?
>
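
Added example (not part of either message): a small Python model of the rule set quoted above, assuming m0n0wall's first-match evaluation on the interface where a connection's first packet arrives, with unmatched traffic blocked. The LAN subnet `172.31.101.0/29` and the sample hosts `172.31.101.3` and `192.0.2.1` are assumptions (the thread gives only the OPT1 net), and replies on established connections are not modeled.

```python
import ipaddress

LAN_NET = "172.31.101.0/29"    # assumed; the thread states only the OPT1 net
OPT1_NET = "172.31.101.8/29"   # from the quoted message
PC, POCKET_PC = "172.31.101.2", "172.31.101.10"

# Per-tab rules in listed order: (action, source, negate_source, destination)
RULES = {
    "OPT1": [("pass", POCKET_PC, False, PC)],
    "LAN": [
        ("block", PC, True, OPT1_NET),      # source: not (!) the allowed PC
        ("pass", LAN_NET, False, "any"),    # Default LAN -> any
    ],
}

def matches(addr, spec):
    """True if addr falls inside spec (a host, a network, or 'any')."""
    if spec == "any":
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec)

def decide(iface, src, dst):
    """Verdict for a new connection whose first packet arrives on iface."""
    for action, rule_src, negate, rule_dst in RULES[iface]:
        src_ok = matches(src, rule_src) != negate
        if src_ok and matches(dst, rule_dst):
            return action               # first matching rule wins
    return "block"                      # nothing matched: blocked by default

# Constructed sample flows: (arriving interface, source, destination)
FLOWS = [
    ("OPT1", POCKET_PC, PC),             # Pocket PC -> allowed PC
    ("OPT1", POCKET_PC, "172.31.101.3"), # Pocket PC -> another LAN host
    ("OPT1", POCKET_PC, "192.0.2.1"),    # Pocket PC -> outside
    ("LAN", "172.31.101.3", POCKET_PC),  # other LAN host -> Pocket PC
    ("LAN", PC, POCKET_PC),              # allowed PC -> Pocket PC
    ("LAN", "172.31.101.3", "192.0.2.1"),# other LAN host -> outside
]

def walk():
    """Return the verdict for each constructed flow, in order."""
    return [decide(*flow) for flow in FLOWS]

if __name__ == "__main__":
    for flow, verdict in zip(FLOWS, walk()):
        print(f"{flow[0]:5} {flow[1]:>14} -> {flow[2]:<14} {verdict}")
```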