 From:  "Ron Freidel" <rfreidel at computergeex dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] firewall lets ports pass although blocked
 Date:  Wed, 09 Nov 2005 13:21:15 +0000
berek at rz dot uni dash leipzig dot de wrote:
>
> hi,
>
> i'm using m0n0 for some years now. but now the firewall seems to let connections
> be established that should be blocked.
> @55 pass in quick proto tcp from 10.11.0.0/16 to any port = 554 keep state group 300
> @56 pass in quick proto tcp from 10.11.0.0/16 to any port = 7070 keep state group 300
> @57 pass in quick proto tcp from 10.11.0.0/16 to any port = 3306 keep state group 300
> @58 pass in quick proto udp from 10.0.0.0/8 to any port 33433 >< 33535 keep state group 300
> @59 pass in quick proto tcp/udp from 10.11.0.0/16 to any port = 8880 keep state group 300
> @34 block in log quick from any to any
> ::::::::::::::::::::::::::::::::

Hi,

It's early so I probably shouldn't be replying to this but....

I am a newbie to m0n0wall, but not to firewalls, and more expressly FreeBSD
firewalls. Were these connections you see established from within the network?
Or are the connections coming in on their own?

What happens if you move the last rule 34 up to the top of the list?