On 3/16/06, Daniele Dorelli <danix at interazioni dot it> wrote:
> Hello there,
> I have a problem going out from my dmz area with services.
> I have three interfaces, WAN, LAN and OPT1.
> By now the rules permit traffic from all ports of any address to any
> I enabled advanced outboud nat.
> I enabled proxy ARP and created a simple rule on WAN (100.100.100.208/28).
> OPT1 address is 100.100.100.208/28.
> My machine address is 100.100.100.209/28.
> It's default gateway is 100.100.100.208.
> But it doesn't work, it doesn't reply to pings and anything else.
> If I change the default router to 192.168.201.1 (the private address of
> m0n0wall on the LAN side) it works.
> But I don't want that traffic come IN from OPT1 interface and goes out
> from LAN interface, it makes no sense.
> Is there something I did wrong?
> How can I use only one interface for the traffic to and from my DMZ?
> Thanks a lot in advance for any useful suggestions.
> Daniele Dorelli - www.interazioni.it
> Via Appia Nuova, 103 - 00183 Roma
> Tel. +39 06 77.20.37.04 - Fax +39 06 77.26.00.35
Well it all depends on what you are trying to achieve. Take a look at
the examples on http://doc.m0n0.ch/handbook/examples.html and try