|
||||||||||
That's not the truth....... by default a m0n0 box will only filter incomming traffic with the gui setup, but is also able to handle all outgoing traffic with the hidden shell commands. Or if you would try you can get a different image from Kris Shaw! http://www.m0n0.ch/wall/list/showmsg.php?id=244/33 Try to get in touch with him! regards Claude Ville Leinonen wrote: > Hi, > > Thank you for that information. > > Br, > > Ville > > Rasmus Fauske wrote: > >> monowall at leinonen dot org skrev: >> >>> Hi all, >>> >>> I just setup my fw and i create some vlans. Now i have intresting >>> situation for my fw rules and interfaces. Lets say that i have >>> prodnet int >>> and mgmtnet int, now i want to make fw rule that allows telnet and ssh >>> from prodnet to mgmtnet and deny everything else. So my rules should be >>> like this (i also want there is no limitations for prodnet traffic)? >>> >>> prodnet: >>> Rule Proto Source Port Destination Port >>> Pass TCP prodnet * mgmtnet 22 >>> Pass TCP prodnet * mgmtnet 23 >>> Deny * * * mgmtnet * >>> Pass * prodnet * * * >>> >>> mgmtnet: >>> Rule Proto Source Port Destination Port >>> >>> But now some reason i can take eg http session from prodnet to >>> mgmtnet. Is >>> there some limitations for filtering or do i missunderstand something? >>> I running 1.21 version. >>> >> >> You can do it like this as m0n0 only check incoming traffic on the >> interface. >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > |