 From:  "James W. McKeand" <james at mckeand dot biz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Would like to filter outbound traffic for corporate security purposes but my rules don't seem to work
 Date:  Sat, 12 Nov 2005 05:35:52 -0600
Jason Collins wrote:
>   Glad to post the config -- I am assuming you want the rules and not
> the whole thing (it' rather large)?  I figured out from the
> documentation and having used other firewalls the top to bottom
> filtering and in an effort to get it working, tried leaving out a
> deny rule altogether and it still wouldn't let anything through. 
> Anyway, here's the rules config: 
>         <rule>
>             <type>pass</type>
>             <interface>lan</interface>
>             <protocol>tcp</protocol>
>             <source>
>                 <network>lan</network>
>                 <port>443</port>
>             </source>
>             <destination>
>                 <any/>
>                 <port>443</port>
>             </destination>
>             <descr>HTTPS Out (Allowed)</descr>
>         </rule>

I snipped everything but this one to show your confusion. The source
port for traffic for most services is not the same as the destination
port. The web browser will choose a random port (I can't think w/o coffee
- don't remember the range) above 1024. The source port should be any.

***note =>       <port>any</port>
             <descr>HTTPS Out (Allowed)</descr>

There are some services where the source port will be the same as the
destination port. I think DNS is one of these (note still no coffee...
Someone correct me please). My suggestion would be to make the source
port be "any" just to be safe.

James W. McKeand
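As an added illustration of the point made in this reply (example code written for this page, not part of the thread or of m0n0wall), the script below parses rules in the shape of the quoted config, evaluates them top to bottom against a sample HTTPS connection from a browser on an ephemeral source port, and lints for pass rules whose source port is pinned to a single number. The sample config is constructed; the `<filter>` wrapper element, the `lo-hi` range syntax and first-match evaluation are assumptions made for the example, since the page only shows `<rule>` bodies.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of the quoted m0n0wall rules: the rule as
# posted (source port pinned to 443) next to the corrected rule (source port any).
# The <filter> wrapper is an assumption; the thread only shows <rule> bodies.
SAMPLE_CONFIG = """<m0n0wall>
  <filter>
    <rule>
      <type>pass</type>
      <interface>lan</interface>
      <protocol>tcp</protocol>
      <source><network>lan</network><port>443</port></source>
      <destination><any/><port>443</port></destination>
      <descr>HTTPS Out (as posted)</descr>
    </rule>
    <rule>
      <type>pass</type>
      <interface>lan</interface>
      <protocol>tcp</protocol>
      <source><network>lan</network><port>any</port></source>
      <destination><any/><port>443</port></destination>
      <descr>HTTPS Out (source port any)</descr>
    </rule>
  </filter>
</m0n0wall>
"""

ANY_PORT = (0, 65535)


def parse_port(text):
    """Return an inclusive (lo, hi) tuple. 'any', empty or missing means every port.
    A 'lo-hi' range is accepted as an assumed convenience for the example."""
    if text is None or text.strip().lower() in ("", "any"):
        return ANY_PORT
    text = text.strip()
    if "-" in text:
        lo, hi = text.split("-", 1)
        return (int(lo), int(hi))
    return (int(text), int(text))


def load_rules(xml_text):
    """Extract the fields the example needs from every <rule> element."""
    root = ET.fromstring(xml_text)
    rules = []
    for r in root.iter("rule"):
        src = r.find("source")
        dst = r.find("destination")
        rules.append({
            "type": r.findtext("type", "").strip(),
            "interface": r.findtext("interface", "").strip(),
            "protocol": r.findtext("protocol", "").strip().lower(),
            "src_port": parse_port(src.findtext("port") if src is not None else None),
            "dst_port": parse_port(dst.findtext("port") if dst is not None else None),
            "descr": r.findtext("descr", "").strip(),
        })
    return rules


def rule_matches(rule, proto, src_port, dst_port):
    """True when the connection's protocol and both ports fall inside the rule."""
    if rule["protocol"] not in ("", "any", proto):
        return False
    slo, shi = rule["src_port"]
    dlo, dhi = rule["dst_port"]
    return slo <= src_port <= shi and dlo <= dst_port <= dhi


def first_match(rules, proto, src_port, dst_port):
    """Top-to-bottom evaluation (assumed first-match semantics); returns the
    description of the first matching rule, or None when nothing matches."""
    for rule in rules:
        if rule_matches(rule, proto, src_port, dst_port):
            return rule["descr"]
    return None


def lint_source_ports(rules):
    """Flag pass rules that pin the client's source port to one number: browsers
    and most clients pick an ephemeral source port, so such a rule never matches."""
    findings = []
    for rule in rules:
        lo, hi = rule["src_port"]
        if rule["type"] == "pass" and rule["protocol"] in ("tcp", "udp") and lo == hi:
            findings.append(f"{rule['descr']}: source port pinned to {lo}; use any")
    return findings


if __name__ == "__main__":
    rules = load_rules(SAMPLE_CONFIG)
    # A browser connecting to a web server: ephemeral source port, destination 443.
    print("matched:", first_match(rules, "tcp", 51234, 443))
    for finding in lint_source_ports(rules):
        print("lint:", finding)
```

Running it shows the posted rule never matches the sample connection (only the corrected rule does), and the lint reports the pinned source port, which is the check worth running over any outbound ruleset before assuming the firewall is broken.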