Kim Hartlev wrote:
> Hi,
>
> I'm having trouble getting m0n0wall to log to a server in DMZ. All UDP
> packets on port 514 are blocked by MW. I have the following setup:
>
> LAN IP: 192.168.250.1
> DMZ IP: 192.168.252.1
> Syslogd server IP: 192.168.252.2
>
> I see the following in the firewall log:
> 11:00:40.258164 sis2 @0:8 B 192.168.250.1,514 -> 192.168.252.2,514 PR udp
> len 20 149 OUT

weird, if trying to pass packets into the DMZ, it shouldn't be sourcing them from that interface....

> From the status page I found the following auto generated pass rule under
> the ipfstat -nio section:
> @2 pass out quick proto udp from 192.168.252.1/32 to 192.168.252.0/24 port
> = 514 keep state group 450

the rule is correct, the packets for your logserver should originate from the dmz interface of the FW.

> I was wondering if the source IP should have been the LAN IP instead of the
> DMZ IP since the source IP of the blocked packets are the LAN IP.
> If this is the case, is there any way to add a new "pass out" rule from the
> webgui?
>

nope, a "pass out" rule won't help for the reasons above.

sorry i have no real info, i wanted to shed a little light on what you're seeing so far, looks like some more packet traces are in order.....

good luck

dave

> Best regards,
> Kim Hartlev
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
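
The blocked log entry and the auto-generated rule quoted in this thread can be compared field by field. The sketch below is an added example, not part of the original messages and not m0n0wall or ipfilter code; its regexes and the simplified comparison (no state, group or interface handling) are assumptions that cover only the two line shapes quoted above.

```python
import re
from ipaddress import ip_address, ip_network

# Both strings are copied from the thread, with the e-mail line wrap undone.
LOG_LINE = ("11:00:40.258164 sis2 @0:8 B 192.168.250.1,514 -> "
            "192.168.252.2,514 PR udp len 20 149 OUT")
RULE = ("@2 pass out quick proto udp from 192.168.252.1/32 "
        "to 192.168.252.0/24 port = 514 keep state group 450")

# Assumed layouts: just enough to parse the two lines quoted in the thread.
LOG_RE = re.compile(
    r"(?P<time>\S+) (?P<ifname>\S+) @(?P<group>\d+):(?P<rule>\d+) (?P<action>\S+) "
    r"(?P<src>[\d.]+),(?P<sport>\d+) -> (?P<dst>[\d.]+),(?P<dport>\d+) "
    r"PR (?P<proto>\S+) len \d+ \d+ (?P<dir>IN|OUT)")
RULE_RE = re.compile(
    r"@\d+ (?P<action>pass|block) (?P<dir>in|out) (?:quick )?proto (?P<proto>\S+) "
    r"from (?P<src>\S+) to (?P<dst>\S+) port = (?P<dport>\d+)")


def parse(regex, text):
    """Return the named fields of a line, or fail loudly on an unknown shape."""
    m = regex.match(text)
    if m is None:
        raise ValueError(f"unrecognised line: {text!r}")
    return m.groupdict()


def compare(log_line, rule):
    """Return {field: bool}: which parts of the rule the logged packet satisfies."""
    pkt, r = parse(LOG_RE, log_line), parse(RULE_RE, rule)
    return {
        "direction": pkt["dir"].lower() == r["dir"],
        "proto": pkt["proto"] == r["proto"],
        "source": ip_address(pkt["src"]) in ip_network(r["src"]),
        "destination": ip_address(pkt["dst"]) in ip_network(r["dst"]),
        "dport": pkt["dport"] == r["dport"],
    }


def mismatches(log_line, rule):
    """List the rule fields the logged packet fails to satisfy."""
    return [field for field, ok in compare(log_line, rule).items() if not ok]


if __name__ == "__main__":
    for field, ok in compare(LOG_LINE, RULE).items():
        print(f"{field:12} {'match' if ok else 'MISMATCH'}")
```

For the two quoted lines, only the source address fails to match: the packet is logged with the LAN address 192.168.250.1 while the rule expects 192.168.252.1/32.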