[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall Liste <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Private IPs on WAN interface?
 Date:  Mon, 19 Dec 2005 23:47:00 -0500
On 12/19/05, martin <mgrap at gmx dot de> wrote:
>
> class 2: TCP Data packets coming from a web server. Examples:
> class 3: TCP RST packets coming from a web server. Examples:
>

these are almost certainly:
http://doc.m0n0.ch/handbook/faq-legit-traffic-dropped.html



>
> But maybe I am misinterpreting the log entries. Is it possible that the
> packets of class 2 and 3 were dropped by the firewall after NAT did
> replace the public receiver address with the private IP address?
>

yes.  NAT always applies first, then firewall rules.

-Chris