Pål Borsheim wrote:
> If I understand U here right U mean that the
> firewall filter is not suppose to work that way.
Not exactly. I think the filter works as it's supposed to.
I think there's a flaw somewhere. Currently, IMXP, the user has to
enter 2 rules in the rulebase every time (s)he wishes to tell the
firewall about something that's actually conceptually only a single
rule. But only if the rule pertains to a NATed host or network.
Could be because:
a) m0n0wall should autogenerate one of the rules, but it's broken in my setup
b) m0n0wall is broken wrt. when and how traffic is passed between NAT
and the filter
c) that's a specific feature of m0n0wall
I don't know which, since I'm not a m0n0wall expert.
Maybe it's a) and my personal setup is broken, but my current personal
impression is that it's b), of course :-).
> If I am to enter the rules twice one for translated address
> and one for untranslated address then this is not right.
Try if it works anyway.