I noticed the same thing(only looked at 1.2) if you put in DNS servers 
that refuse your requests(for instance if you switch ISPs but forget to 
change the DNS entries).  If the DNS server refuses the request(sends 
refused responses) m0n0wall will constantly keep sending DNS 
queries(multiple times a second non-stop).  This was another scenario 
that would not have been noticed without a packet sniffer.  I had to put 
another system on the wire to see why m0n0wall was generating all the 
traffic(I noticed the activity lights always going).   Yea... I want a 
packet sniffer with m0n0wall :).

dw dot dw dot dw at gmail dot com wrote:
> Hi Folks,
> 
> m0n0wall (v1.2 generic-pc) is continuously sending some packets to my
> ISP's DNS Server. I'm using PPPoE on WAN. The DNS Servers are served
> by my ISP on dialup.
> Since m0n0wall is sending packets every second, it makes me about 17MB
> traffic per day, resulting in 500MB per month.
> 
> Packets are always sent to the DNS Server while WAN is up. No matter
> whether LAN interface is connected or not.
> DNS Forwarder & DHCP Server is on.
> 
> Screenshot from Firewall States Table:
> http://home.arcor.de/tempdir/m0n0wall_dns.png
> 
> If you need some further information just let me know.
> 
> Best Regards,
> David
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>