 From:  "Kim Hartlev" <kam at stofanet dot dk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Remote syslogging to DMZ
 Date:  Thu, 8 Jan 2004 11:17:21 +0100
Hi,

I'm having trouble getting m0n0wall to log to a server in the DMZ. All UDP
packets on port 514 are blocked by MW. I have the following setup:

LAN IP: 192.168.250.1
DMZ IP: 192.168.252.1
Syslogd server IP: 192.168.252.2

I see the following in the firewall log:
  11:00:40.258164 sis2 @0:8 B 192.168.250.1,514 -> 192.168.252.2,514 PR udp len 20 149 OUT

From the status page I found the following auto-generated pass rule under
the ipfstat -nio section:
  @2 pass out quick proto udp from 192.168.252.1/32 to 192.168.252.0/24 port = 514 keep state group 450

I was wondering if the source IP should have been the LAN IP instead of the
DMZ IP since the source IP of the blocked packets is the LAN IP.
If this is the case, is there any way to add a new "pass out" rule from the
webgui?

Best regards,
Kim Hartlev
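
Added example, not part of the original message or of m0n0wall: a small Python check that parses the logged packet and the auto-generated rule quoted above and reports which fields of the rule the packet fails to match. The regular expressions and the function name explain_mismatch are assumptions written for these two lines only; rule groups, interfaces and state tracking are ignored.

```python
import ipaddress
import re

# Both strings are copied from the message above, each rejoined onto one line.
LOG_LINE = ("11:00:40.258164 sis2 @0:8 B 192.168.250.1,514 -> "
            "192.168.252.2,514 PR udp len 20 149 OUT")
RULE = ("@2 pass out quick proto udp from 192.168.252.1/32 "
        "to 192.168.252.0/24 port = 514 keep state group 450")

# Firewall log line: iface @group:rule action src,sport -> dst,dport PR proto ... dir
LOG_RE = re.compile(
    r"(?P<iface>\S+) @(?P<group>\d+):(?P<rule>\d+) (?P<action>\S+) "
    r"(?P<src>[\d.]+),(?P<sport>\d+) -> (?P<dst>[\d.]+),(?P<dport>\d+) "
    r"PR (?P<proto>\S+) .* (?P<dir>IN|OUT)$")
# Only the rule shape shown above: action dir [quick] proto P from S to D [port = N]
RULE_RE = re.compile(
    r"(?P<action>pass|block) (?P<dir>in|out) .*?proto (?P<proto>\S+) "
    r"from (?P<src>\S+) to (?P<dst>\S+)(?: port = (?P<dport>\d+))?")


def _net(spec):
    """Turn a rule address ('any' or addr/mask) into an ip_network."""
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec,
                                strict=False)


def explain_mismatch(log_line, rule):
    """Return the reasons the logged packet does not match the rule ([] = match)."""
    pkt, r = LOG_RE.search(log_line), RULE_RE.search(rule)
    if not pkt or not r:
        raise ValueError("unrecognised log line or rule format")
    reasons = []
    if pkt["dir"].lower() != r["dir"]:
        reasons.append(f"direction {pkt['dir']} vs {r['dir']}")
    if pkt["proto"] != r["proto"]:
        reasons.append(f"protocol {pkt['proto']} vs {r['proto']}")
    if ipaddress.ip_address(pkt["src"]) not in _net(r["src"]):
        reasons.append(f"source {pkt['src']} not in {r['src']}")
    if ipaddress.ip_address(pkt["dst"]) not in _net(r["dst"]):
        reasons.append(f"destination {pkt['dst']} not in {r['dst']}")
    if r["dport"] and pkt["dport"] != r["dport"]:
        reasons.append(f"dest port {pkt['dport']} vs {r['dport']}")
    return reasons


if __name__ == "__main__":
    print(explain_mismatch(LOG_LINE, RULE) or "packet matches rule")
```

For the two lines quoted in the message, the only field that fails is the source address.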