[ previous ] [ next ] [ threads ]
 From:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 To:  Andrew Batson <abatson at twcny dot rr dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Problem with M0n0Wall and Hamachi
 Date:  Sun, 18 Feb 2007 15:48:15 -0500
Andrew Batson wrote:
> Hello,
> 	I am having a problem with MonoWall and Hamachi. When I tried to
> host/join certain games, M0n0Wall blocks the attempt. I found the problem by
> setting M0n0Wall to display the firewall logs in raw form. After reading on
> M0n0Wall web site, I found the following.
> 19.6.1. Reading raw IPFilter logs
> 	If all else fails and you need to determine exactly which rule is
> dropping the traffic, go to status.php on your M0n0Wall to the "last 50
> filter log entries" section. Find the log line applying to the traffic in
> question, and make note of the rule number. The rule number is denoted by an
> @ followed by a number, then a colon, then another number, for example
> @0:18. The 0 indicates the first group, and the 18 indicates rule number 18
> in group 0.
> 	Then go up to the output of "ipfstat -nio" and find the rule in
> question. Anything without a group number at the end of the rule is the 0
> group. @1:1 would indicate the first rule with "group 100" at the end of the
> rule. @2:1 would be the first rule with "group 200" at the end of the rule,
> and so on. Finding the exact rule, since some rules are added by the back
> end of M0n0Wall and not visible on the rules page, may make troubleshooting
> easier.
> 	When I look at the raw fire wall logs, I see the following every
> time I tried to host a game (lan via Hamachi) of Age of Empires III (it
> appears that Hamachi is blocking a broadcast that Age of Empires needs to
> allow you to host/join games). Please note that the xxx.yyyy.zzzz.aaaa is
> the IP address of the Hamachi client and I can play other games just fine
> via Hamachi, just certain ones are failing - all the same way, the block
> broadcast.
> 		15:09:46.977823 3x em0 @0:12 b xxx.yyyy.zzzz.aaaa,1409 ->
>,2299 PR udp len 20 49 IN
> 	When I do a status.php request and goto the "ipfstat -nio" section,
> I see the following:
> 		"@12 block in log quick on em0 from ! to any"
> 	Question, how do I edit a rule I cannot see or find any where in the
> web GUI of M0n0Wall. I would like to be able to host/join games with my
> friends via Hamachi but right now it appears that there are certain rule
> that are hard coded into M0n0Wall that I cannot edit/change?
> Thanks for your help,
> Andrew
Put an allow rule in your rule set to allow the traffic.  The default 
rules are processed after all of your rules.