 
 From:  Claude Hecker <hecker at ifina dot de>
 To:  Ville Leinonen <monowall at leinonen dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Question about fw rules and interfaces.
 Date:  Fri, 17 Feb 2006 10:55:52 +0100
That's not the truth.......
by default a m0n0 box will only filter incoming traffic
with the gui setup, but is also able to handle all outgoing
traffic with the hidden shell commands.

Or if you would try you can get a different image
from Kris Shaw!

http://www.m0n0.ch/wall/list/showmsg.php?id=244/33

Try to get in touch with him!

regards
Claude

Ville Leinonen wrote:

> Hi,
> 
> Thank you for that information.
> 
> Br,
> 
> Ville
> 
> Rasmus Fauske wrote:
> 
>> monowall at leinonen dot org wrote:
>>
>>> Hi all,
>>>
>>> I just set up my fw and I created some vlans. Now I have an interesting
>>> situation with my fw rules and interfaces. Let's say that I have a
>>> prodnet int and a mgmtnet int, now I want to make a fw rule that allows
>>> telnet and ssh from prodnet to mgmtnet and denies everything else. So my
>>> rules should be like this (I also want there to be no limitations for
>>> prodnet traffic)?
>>>
>>> prodnet:
>>> Rule Proto Source  Port Destination Port
>>> Pass TCP   prodnet *    mgmtnet     22
>>> Pass TCP   prodnet *    mgmtnet     23
>>> Deny *     *       *    mgmtnet     *
>>> Pass *     prodnet *    *           *
>>>
>>> mgmtnet:
>>> Rule Proto Source  Port Destination Port
>>>
>>> But now for some reason I can take e.g. an http session from prodnet to
>>> mgmtnet. Are there some limitations for filtering or do I misunderstand
>>> something? I am running version 1.21.
>>>   
>>
>> You can do it like this as m0n0 only checks incoming traffic on the
>> interface.
>>
> 
> 