[ previous ] [ next ] [ threads ]
 
 From:  "David Kitchens" <spider at webweaver dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Feature Request
 Date:  Fri, 5 Jan 2007 01:51:57 -0500 
I admit I hadn't thought of that! The only problem I have with it is that my
server is on a VLAN different than my workstation so I will have to continue
to edit both rules. :( I think I may have to upgrade to a 4801 since the gui
performance is much slower now but on 1.3b2 I get faster thruput so I can
wait for gui issues, lol.

Dave

> -----Original Message-----
> From: Ryan Mullins [mailto:rmullins at ciscomonkey dot net] 
> Sent: Thursday, January 04, 2007 6:37 PM
> To: David Kitchens
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Feature Request
> 
> I do this same situation a lot.  What I've done is just 
> change the firewall rule to allow
> 3389 to my network (eg. 192.168.1.0/24) instead of just the 
> host.  That way I only have to change the NAT rule to point 
> to the other server address.
> 
> -Ryan
> 
> * David Kitchens <spider at webweaver dot com> [2007-01-04 18:32:12]:
> 
> > Point taken, I hadn't thought of tweaking just the firewall 
> rule but 
> > in most cases I have ran into, the two rules are meant to 
> be together. 
> > All I was hoping for was a checkbox option like we have on the NAT 
> > page that would update the other rule if the user wanted to. It 
> > doesn't have to be a mandatory thing, but most of the time I have 
> > needed to edit both. Example for my situation is port 3389, 
> 99% of the 
> > time, I have it set to my workstation so I can get to it remotely, 
> > here and there I need to let someone use Terminal Services 
> to get to 
> > my W2K3 server and I have to change the rules. I am not a 
> programmer 
> > so I didn't know if this could be done but figured I would throw it 
> > out to the list and see. Having a drop menu for aliases 
> seems like it 
> > should be fairly simple, that's more cosmetic than anything else.
> > 
> > Dave
> > 
> > > -----Original Message-----
> > > From: Neil A. Hillard [mailto:m0n0 at dana dot org dot uk]
> > > Sent: Thursday, January 04, 2007 3:41 PM
> > > To: m0n0wall at lists dot m0n0 dot ch
> > > Subject: Re: [m0n0wall] Feature Request
> > > 
> > > Hi,
> > > 
> > > In message <459D622B dot 6090906 at gmx dot de>, Carsten Holbach 
> > > <Carsten dot Holbach at gmx dot de> writes
> > > >I support this feature request!
> > > >
> > > >David Kitchens schrieb:
> > > >> While I love the "Auto-add a firewall rule" option in NAT,
> > > I find it
> > > >>odd  that when I want to edit a NAT rule, this feature is
> > > not there. 
> > > >>It seems  like it should be able to change to "Update 
> the firewall 
> > > >>rule" when you Edit  a NAT setting. Currently, if I want to
> > > edit a NAT
> > > >>rule, I also have to edit  the firewall rule. Would this be
> > > possible to do?
> > > >>   Second thought, since we have the blue fields for Aliases, 
> > > >>could the fields  be drop down lists of available aliases? Not a
> > > major issue
> > > >>but a thought  since I am editing rules right at the moment.
> > > >>   Also, a quick report on a production Net 4511 
> upgrade to 1.3b2:
> > > >>   Upgrade was painless, everything worked that I use. Web and 
> > > >>mail services  working to two servers, VLANs working, VPN's to 
> > > >>several clients work fine,  (all connected to M0n0wall 
> 1.22). My 
> > > >>mini-pci wireless B is more stable now  than it was 
> under 4.11, it
> > > used to stop
> > > >>working now and then.. The webgui is  slightly slower than
> > > it was but
> > > >>a 4511 is only a 133mhz so I expected that  and can 
> deal with it. 
> > > >>Overall, a fine piece of work and a painless upgrade  as usual 
> > > >>with M0n0wall!
> > > 
> > > I can see how it could be useful but I don't think it is 
> that easy 
> > > to implement.  The two tables are completely separate so 
> some form 
> > > of link between the two would need to be maintained.
> > > 
> > > What happens when you've 'tweaked' the firewall rule?  Would the 
> > > link be severed or would the NAT rule update overwrite 
> the firewall 
> > > rule changes?
> > > 
> > > When adding a rule it's a bit of a no-brainer but 
> maintaining from 
> > > then on wouldn't be particularly easy... unless I've missed 
> > > something obvious!
> > > 
> > > My 2p worth!
> > > 
> > > ATB,
> > > 
> > > 
> > >                                 Neil.
> > > 
> > > -- 
> > > Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk
> > > 
> > > 
> --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> > > 
> > > 
> > 
> > 
> > 
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>