Re: [m0n0wall] m0n0s hanging : any progress ?

From:	"Lee Sharp" <leesharp at hal dash pc dot org>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] m0n0s hanging : any progress ?
Date:	Sun, 27 Aug 2006 17:00:19 -0500

From: "Aaron Cherman" <aaronc at morad dot ab dot ca>

> > You have tried a lot of hardware, and I remember that.  But has anyone 
> > every
> > tried the 2 layer m0n0 config?  LAN--> M0n0-a --> m0n0-b --> Internet 
> > With
> > all the other stuff you have tried, this seems quite trivial.


> I never did try it.  I had posted for thoughts on how to go about the 
> setup
> some time back and got no response.  Thoughts?

I would set up a double NAT arrangement with a lot of port forwarding. 
Start with nothing but NAT and port forwarding on the outer firewall.  Allow 
ALL in and out. Slowly move all of the advanced functions and restrictions 
to the outer firewall until the inner one has no real functions left.  If 
the crash follows traffic shaping, for example, we know what it is.  If it 
never moves, it is possibly a poisoned packet.

                                Lee