 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] rule allowed but being blocked part 2: full post
 Date:  Mon, 12 Dec 2005 17:38:33 -0500
On 12/12/05, ryanp at hhsys dot org <ryanp at hhsys dot org> wrote:
>
>
> These are allowed via
>
> TCP 10.246.9.0/24:* to 10.249.0.1:1500
>
> but it's still being blocked, I even said allow fragmented packets. Still
> being blocked. Block private network is unchecked, what's going on?
>

It's getting to rule 11:
@11 block in log quick proto tcp from any to any

so it's not in the state table, and it's not the initiation of a new
TCP connection (that would then enter the state table for subsequent
traffic).  Does the particular application work?  Seems like it would
either be this:
http://doc.m0n0.ch/handbook/faq-legit-traffic-dropped.html
or a really broken application.

-Chris
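
Added example, not part of the original message and not ipfilter's or m0n0wall's own code: a simplified Python model of the behaviour the reply describes, where a packet passes if it matches the state table or opens a new connection under the allow rule, and otherwise falls through to the final block rule @11. The names `Filter`, `check`, `expire` and `demo`, the source hosts and the source ports are constructed for illustration.

```python
import ipaddress

ALLOWED_SRC = ipaddress.ip_network("10.246.9.0/24")        # from the quoted rule
ALLOWED_DST = (ipaddress.ip_address("10.249.0.1"), 1500)   # from the quoted rule

class Filter:
    """Toy stateful filter: state table first, then allow rule, then block."""
    def __init__(self):
        self.states = set()  # tracked flows, stored direction-independent

    @staticmethod
    def _key(src, sport, dst, dport):
        return frozenset([(ipaddress.ip_address(src), sport),
                          (ipaddress.ip_address(dst), dport)])

    def check(self, src, sport, dst, dport, flags):
        key = self._key(src, sport, dst, dport)
        # 1. Packets of a tracked connection never reach the rule list.
        if key in self.states:
            return "pass (state)"
        # 2. The allow rule creates state only for a connection-opening SYN.
        opening = "S" in flags and "A" not in flags
        if (opening and ipaddress.ip_address(src) in ALLOWED_SRC
                and (ipaddress.ip_address(dst), dport) == ALLOWED_DST):
            self.states.add(key)
            return "pass (new state)"
        # 3. Anything else reaches the catch-all: block in log quick proto tcp.
        return "block @11"

    def expire(self, src, sport, dst, dport):
        # Models a state entry timing out or being closed.
        self.states.discard(self._key(src, sport, dst, dport))

def demo():
    fw = Filter()
    a, b = ("10.246.9.5", 40000), ("10.249.0.1", 1500)   # constructed flow
    out = [fw.check(*a, *b, "S"),        # connection opening
           fw.check(*b, *a, "SA"),       # reply on the tracked flow
           fw.check(*a, *b, "PA")]       # data on the tracked flow
    fw.expire(*a, *b)
    out.append(fw.check(*a, *b, "PA"))   # same flow, state gone, not a SYN
    out.append(fw.check("10.246.9.7", 40001, *b, "A"))  # never saw a SYN
    return out

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The last two verdicts are the case in the log: the source and destination match the allow rule, but the packet neither belongs to a tracked connection nor opens one, so it is logged against rule 11.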