Thanks for your reply.
On Wed, Nov 23, 2005 at 10:29:10PM +0800, Dinesh Nair wrote:
> On 11/23/05 18:51 Alain Fauconnet said the following:
> >The only reference to this I've found is
> >I've enabled 'advanced outbound NAT' as advised, but this has made no
> >change. I'm note sure how it would anyway, since I don't use NAT
> >at all.
> enabling Advanced Outbound NAT and then not adding any entries effectively
> disables NAT on LAN->WAN packets. i know this sounds counter-intuitive, but
> that's the way it is. :)
So why do I still have all those NAT-related entries in the status.php
output? OK, I need to study ipfw and ipnat... my culture is Linux's
> >LAN is 188.8.131.52/23
> >WAN is 184.108.40.206/30
> looks like you've got a split subnet. /23 on your LAN will clash with /30
> on your WAN.
Sorry, typo. WAN is 220.127.116.11/30 (this shows in the status.php
Routing is fine.
Any more input? why are the (WAN->LAN) replies to incoming
(WAN->LAN) connections rejected although I don't have a single reject
rule and I allow everything on both sides?
My guts feeling is that statefulness works only for LAN->WAN
connections by design of M0n0wall, so I need to "hack" the
configuration of the firewall my means of 'shellcmd' entries in config,
but this is just a wild guess at this point.