[ previous ] [ next ] [ threads ]
 
 From:  Claudio Castro <ccastro at unr dot edu dot ar>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Default Rules to DMZ
 Date:  Wed, 07 Jun 2006 09:23:58 -0300
> On 6/6/06, Claudio Castro <ccastro at unr dot edu dot ar> wrote:
>> Hi all,
>>  I was just testing some rules when I find that the DMZ zone is
>> accepting any kind of traffic FROM the LAN zone....is this correct by
>> default? Because I don have any rules allowing this in my dmz's ruleset.
>>
>
> Your default LAN to any rule allows this.
>
> Rules are applied on the interface the traffic enters (in this case 
> the LAN).
>
> -Chris
>
If the traffics goes from the LAN to the the DMZ, the traffic is 
entering to the DMZ interface...that's what I think...I may be wrong.

Anyway, so to stop this I would have to set a rule in the LAN interface 
to block any default traffic that is not affected by any other rule right?


-Claudio
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>