My portal ruleset is slightly different (I drop and log SMTP, permit
SSH to boxes on my LAN, drop all other to my LAN)... but the key is
that my final rule is
"Proto: * Source: Portalnet Port: * Destination: * Port: *"
Your ruleset does not appear to permit access to your m0n0wall Captive
Portal for the purposes of DNS and HTTP or HTTPS (or whatever). You
might want to permit ICMP as well, and then drop all other traffic
that's directed to the m0n0wall's Captive Portal IP Address.
Just my two bits.
It should not interfere with ARP/MAC Address/IP Resolution layer-2 activities.
On 12/16/06, Michael <zlinda1002 at cox dot net> wrote:
> What would cause my m0n0wall not to view traffic on the sis2/portal or view
> captive portal activity?
>
> The two interfaces are sis1 193.169.1.0/24 and sis2/portal is using
> 10.172.2.0/28.
>
> Portal rules are as follows:
>
> Proto    Source     Port  Destination  Port
> TCP      Portalnet  *     *            25(SMTP)
> TCP/UDP  Portalnet  *     *            135
> TCP/UDP  Portalnet  *     *            137-139
> TCP/UDP  Portalnet  *     *            445
> TCP      Portalnet  *     *            3724
> *        Portalnet  *     !LANnet      *
>
> The above rules shouldn't allow me not to see traffic or IP/MAC activity on
> the captive portal, should they?
>
> Mike