Chris Buechler wrote:
> Molle Bestefich wrote:
> > So for some pseudo/automagic rules, I can look in the rulebase.
> > For others, I have to use magic means to find out that it's hidden
> > away on "status.php" and manually type "status.php" in my browser.
> > M0n0wall is getting more cryptic to me as each day passes :-).
> It's not that cryptic. Had you read the page where you found out how
> to subscribe to this mailing list, you'd know about it. :)
That page says:
"With many problems (e.g. blocked packets that shouldn't be blocked,
hardware problems, other configuration issues), it's a good idea to
provide the (anonymized) output from http://m0n0wall-ip/status.php"
But since I'm not debugging any of these issues, it would never occur
to me to seek out that particular behind-the-covers page.
It's a bad user experience, and should be changed so that either:
1) All anti-spoofing rules are shown (readonly) in the rulebases, not
just the RFC1918 anti-spoofing rule.
2) None of the anti-spoofing rules are shown, and the user is directed
at a page containing the raw rulebase (eg. status.php) if (s)he wants
to know what antispoofing rules are in effect.