[ previous ] [ next ] [ threads ]
 
 From:  "Tarun Kundhi" <tkundhi at inebraska dot com>
 To:  <j dot bohman at comcast dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Firewall prob
 Date:  Wed, 2 Nov 2005 09:44:48 -0600
Sorry, I messed up while copying &  pasting. Try these rules.

WAN
block | * | * | * | * | * | block all outside access

LAN
pass | * | LAN net  | * | * | * | Default LAN -> any

Wireless
 pass | * | Wireless net | * | * | * | Default OPT1-> any


----- Original Message ----- 
From: "Tarun Kundhi" <tkundhi at inebraska dot com>
To: <j dot bohman at comcast dot net>; <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, November 02, 2005 9:16 AM
Subject: Re: [m0n0wall] Firewall prob


> Rules are processed top down so several of the rules in your config are 
> currently being ignored. Example LAN rules 2 & 3.
> Rules are processed on incoming side of the interface. So some of your 
> rules are redundant. Example Wireless 2 & 3. I don't understand why Rule 
> like you Wireless 1 & 4 don't work but I've expreienced the same thing.
>
> Do you really want to open your wireless interface wide open to the entire 
> web? If not then try this. It should allow you out to the WAN and also to 
> the LAN.
>
> WAN
> block | * | * | * | * | * | block all outside access
>
> LAN
> pass | * | * | * | * | * | Default LAN -> any
>
> Wireless
> pass | * | * | * | * | * | Default OPT1-> any
>
> t.
>
> ----- Original Message ----- 
> From: "John Bohman" <j dot bohman at comcast dot net>
> To: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Wednesday, November 02, 2005 8:35 AM
> Subject: [m0n0wall] Firewall prob
>
>
>> I'm having problems passing traffic out the wan port to/from the wireless
>> port
>> I can access the lan to/from the wireless card fine..
>> I know I'm missing something simple, but am too tired to see it..
>>
>> Current rule set:
>>
>> Wireless (sis0)
>>   *  Wireless net  *  LAN net  *
>>   *  LAN net  *  Wireless net  *
>>   *  WAN address  *  Wireless net  *
>>   *  Wireless net  *  WAN address  *
>> WAN
>>   *  Wireless net  *  WAN address  *
>>   *  WAN address  *  Wireless net  *
>> LAN  (sis2)
>>   *  *  *  *  *  Default LAN -> any
>>   *  LAN net  *  Wireless net  *
>>   *  Wireless net  *  LAN net  *
>>
>> Thanks in advance..
>> John B.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>