[ previous ] [ next ] [ threads ]
 
 From:  Jonathan Karras <jkarras at karras dot net>
 To:  Andrew Kemp <akemp at iquest dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Version 1.22 freeze
 Date:  Wed, 05 Jul 2006 22:13:20 -0600 
A bigger question is before this no ICMP rule was added did you have any 
ICMP specific rules? My thinking is if you had a block ICMP (other than 
the default block all rules) and then added an allow ICMP rule. If this 
were true maybe its some ICMP specific code.

Jonathan

Andrew Kemp wrote:
> That could have been a freak accident though. If the box continues to 
> lock up every few days as long as that ICMP rule is in place, that could 
> be the culprit, but I only allow ICMP from one host and it was locking 
> up long before that rule was added(before that, no ICMP was allowed from 
> anywhere) so I don't believe it is the only thing that causes the lockups.
> 
> Andrew
> 
> PF: m0n0wall wrote:
> 
>> OK, My home mono has been running perfectly for many months.  Three days
>> ago, I added a rule for ICMP and it locked up today.
>>
>> I have a Netgear wireless router on OPT1 with captive portal and traffic
>> shaping. There is a windows 2000 machine (with god knows what on it) and
>> a neoware terminal on OPT1 also.  There is not a lot of traffic on this
>> segment.
>>
>> Rules on opt1 are basically to allow certain ports (RDP) to my LAN and
>> allow TCP and UDP to the internet once the captive portal is
>> authenticated.
>>
>> I was playing with rules in an attempt to get my wife's Nintendo DS to
>> work on my wireless (which still doesn't work.) I created an entry to
>> allow the MAC address of the DS to bypass the captive portal. I also
>> added a rule to allow ICMP. By looking in the log, I found that the DS
>> is not using ICMP at all, but I didn't remove the rule.
>>
>> Nothing has changed other than adding the MAC bypass rule and ICMP rule
>> three days ago. 
>>
>> -Kevin
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>  
>>
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>