Hello,

If you add a rule that blocks a previously allowed connection you may also need to clear the state table. This is because once a (TCP) connection has been allowed it is then stored in a hash table in memory for performance - i.e. the ruleset only gets checked once for the initial connection.

Kris,

----- Original Message -----
From: "Mark Ryan" <markryan at cfl dot rr dot com>
To: "LEE Tet Yoon" <leety at ihug dot co dot nz>
Cc: <m0n0wall at lists dot m0n0 dot ch>
Sent: Saturday, February 03, 2007 7:39 PM
Subject: Re: [m0n0wall] weird port forward problem

> LEE Tet Yoon wrote:
>> At 08:28 a.m. 4/02/2007, you wrote:
>>
>>> Hi,
>>>
>>> I added an ssh server and forwarded port 22 to my local machine. It
>>> worked fine and then I decided to delete the monowall nat and rule
>>> because I didn't need it anymore.
>>>
>>> Problem is, ssh still works through monowall to my local machine. How
>>> is this possible? I double checked the nat and firewall rules and my
>>> port 22 rules are gone.
>>>
>>> Any ideas?
>>>
>>
>> You did remember to apply the rule changes right? (there should be a
>> message in the top if not, if in doubt a restart should apply them I
>> think)
>>
>> Cheers
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
> Yes, I applied the rule changes. The nat and rule are gone right now yet
> ssh still works through the firewall to my box.
>
> I guess I could restart but that's not really a fix. Just trying to
> understand what's happening.
>
> Mark
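
The state-table behaviour described in the reply at the top of this thread, as an added example that is not part of the original messages and is not m0n0wall's code: a simplified model of a stateful filter in which the ruleset is consulted only for the opening packet of a connection. The class and function names, the addresses and the port numbers are constructed for illustration, and reply-direction tracking and state timeouts are left out.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # True only for the packet that opens a TCP connection

@dataclass
class StatefulFilter:
    allowed_ports: set = field(default_factory=set)  # ruleset: inbound ports passed
    states: set = field(default_factory=set)         # state table of accepted flows

    def handle(self, pkt: Packet) -> str:
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key in self.states:
            return "pass (state)"   # fast path: ruleset is not consulted at all
        if pkt.syn and pkt.dport in self.allowed_ports:
            self.states.add(key)    # ruleset checked once, result cached
            return "pass (rule)"
        return "block"

    def flush_states(self) -> int:
        flushed = len(self.states)
        self.states.clear()
        return flushed

def demo() -> list:
    # Constructed sample traffic; addresses are documentation/private ranges.
    fw = StatefulFilter(allowed_ports={22})
    syn = Packet("203.0.113.5", 40000, "192.168.1.10", 22, syn=True)
    data = Packet("203.0.113.5", 40000, "192.168.1.10", 22)
    out = [fw.handle(syn)]            # connection opened while the rule exists
    fw.allowed_ports.discard(22)      # rule deleted and changes applied
    out.append(fw.handle(data))       # existing session still passes via state
    out.append(fw.handle(Packet("203.0.113.5", 40001, "192.168.1.10", 22, syn=True)))
    fw.flush_states()                 # clear the state table
    out.append(fw.handle(data))       # old session is now cut off
    return out

if __name__ == "__main__":
    print(demo())
```

In this model a session opened before the rule was removed keeps passing until the state table is cleared, while a new connection attempt to the same port is blocked immediately.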