[ previous ] [ next ] [ threads ]
 From:  sai <sonicsai at gmail dot com>
 To:  berek at rz dot uni dash leipzig dot de
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: firewall lets ports pass although blocked
 Date:  Sat, 12 Nov 2005 11:37:33 +0500
> here is on line of the output of the firewall state:
> Source          Port    Destination     Port    Protocol  Packets       Bytes   TTL
>      1073  55413   tcp     775555        756769468
> 2:30:00
> the connection has *destination* port 55413, and that one is not in the allow
> list. hmpf. i'm helpless.

I suspect that this is part of a ftp download. The port and the number
of bytes point to it. Also the ip address is that of 
sunsite.informatik.RWTH-Aachen.DE  ;  I only access sunsites are for
ftp downloads...

if you initiate an ftp download then the m0n0 will allow other ports
to be used for that session/connection.