berek at rz dot uni dash leipzig dot de wrote:

>> berek at rz dot uni dash leipzig dot de wrote:
>>
>>> hi,
>>> i'm using m0n0 for some years now. but now the firewall seems to let connections
>>> be established that should be blocked.
>>> ...
>>> definitely NOT allowed in my list. thus they normally should be blocked by the
>>> default blocking rule of the WLAN interface. but they pass through, as i can
>>> see in the output of iptraf on the linksys. the ports that were passed the last
>>> time were different ones between 62000 and 63000.
>
> Chris Buechler said:
>
>> They're ephemeral ports, most likely source ports is what you're
>> seeing, and it has to be allowed by the state table if it isn't
>> allowed explicitly in your rules.
>
> here is one line of the output of the firewall state:
>
> Source      Port  Destination     Port   Protocol  Packets  Bytes      TTL
> 10.11.77.5  1073  137.226.34.227  55413  tcp       775555   756769468  2:30:00
>
> the connection has *destination* port 55413, and that one is not in the allow
> list. hmpf. i'm helpless.
>
> yours & thanks for your ideas,
> mathias berek

Mathias...

You will need to either restart (a little drastic) the m0n0wall or (better choice) go to the diagnostics page and select "Reset State".

Adding new blocking rules will not kill off already established connections. Resetting the firewall state will fix this.

Hope I didn't miss anything...

--
Bill Arlofski
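The behaviour Bill describes (an existing state entry is matched before the ruleset, so a newly added block rule does not affect an established connection until the state table is reset) can be seen in the following simplified model. This is an added example, not m0n0wall code; the `StatefulFirewall`, `Rule` and `parse_state_line` names are my own, and the state line is the one quoted in Mathias's post.

```python
from dataclasses import dataclass
from typing import List, Optional, Set


@dataclass(frozen=True)
class Flow:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str


@dataclass
class Rule:
    action: str            # "pass" or "block"
    dport: Optional[int]   # None matches any destination port


def parse_state_line(line: str) -> Flow:
    """Parse one row of the state-table output shown in the post
    (Source Port Destination Port Protocol Packets Bytes TTL)."""
    src, sport, dst, dport, proto = line.split()[:5]
    return Flow(src, int(sport), dst, int(dport), proto)


class StatefulFirewall:
    """Hypothetical model: a packet matching an existing state entry is
    passed before the rules are consulted; otherwise rules apply first-match,
    with an implicit default block."""

    def __init__(self, rules: List[Rule]):
        self.rules = list(rules)
        self.states: Set[Flow] = set()

    def evaluate(self, flow: Flow) -> str:
        if flow in self.states:
            return "pass (state)"
        for r in self.rules:
            if r.dport is None or r.dport == flow.dport:
                if r.action == "pass":
                    self.states.add(flow)   # a pass rule creates state
                return r.action
        return "block"

    def reset_state(self) -> None:
        self.states.clear()


def scenario() -> tuple:
    """Open a connection under a permissive ruleset, tighten the rules,
    then reset state; returns the three verdicts for the same flow."""
    fw = StatefulFirewall([Rule("pass", None)])
    flow = parse_state_line(
        "10.11.77.5 1073 137.226.34.227 55413 tcp 775555 756769468 2:30:00")
    first = fw.evaluate(flow)                              # "pass"
    fw.rules = [Rule("pass", 80), Rule("block", None)]     # 55413 now blocked
    still_open = fw.evaluate(flow)                         # "pass (state)"
    fw.reset_state()                                       # "Reset State"
    after_reset = fw.evaluate(flow)                        # "block"
    return first, still_open, after_reset
```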