 From:  Manuel Kasper <mk at neon1 dot net>
 To:  KnightMB <knightmb at knightmb dot dyndns dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] FW: m0n0wall blocks incoming UDP 500
 Date:  Wed, 15 Mar 2006 14:16:41 +0100
On 15.03.06 02:21 -0600, KnightMB wrote:

> To aid in this conversation, I used a port tool to test
> incoming/outgoing ports on m0n0wall PC image version 1.21.
> Since I can only manually test one port at a time for data
> input/output, I only did ports 500 UDP to 505 UDP and TCP for
> giggles.
> My test showed that m0n0wall doesn't pass UDP packets on Port 500
> as this person has stated, but it worked fine on ports 501, 502,
> 503, etc. My test did find that TCP packets would pass port 500
> just fine.  I even tried port remapping, like m0n0wall port 500 to
> 501 just to see if it was the direct 500:500 that was having the
> problem and still packets are dropped. I checked the firewall log
> of m0n0wall to see if maybe those packets would show up there,
> nothing found.

Could you post more details on how you conducted this test? Did
you/could you use a packet sniffer to check which UDP packets
actually appeared at m0n0wall's LAN and WAN interfaces (and provide
us with trace files)?

I've tried to reproduce this problem - without success. Result: UDP
communication from/to port 500 worked fine between two machines on
the WAN and LAN interfaces of a 1.21 m0n0wall in the default
configuration - both outbound and (after adding an inbound NAT rule +
firewall rule of course) inbound, and bidirectional in each case.

- Manuel