Andrew Batson wrote:
> I am having a problem with M0n0Wall and Hamachi. When I tried to
> host/join certain games, M0n0Wall blocks the attempt. I found the problem by
> setting M0n0Wall to display the firewall logs in raw form. After reading on
> the M0n0Wall web site, I found the following.
> 19.6.1. Reading raw IPFilter logs
> If all else fails and you need to determine exactly which rule is
> dropping the traffic, go to status.php on your M0n0Wall to the "last 50
> filter log entries" section. Find the log line applying to the traffic in
> question, and make note of the rule number. The rule number is denoted by an
> @ followed by a number, then a colon, then another number, for example
> @0:18. The 0 indicates the first group, and the 18 indicates rule number 18
> in group 0.
> Then go up to the output of "ipfstat -nio" and find the rule in
> question. Anything without a group number at the end of the rule is the 0
> group. @1:1 would indicate the first rule with "group 100" at the end of the
> rule. @2:1 would be the first rule with "group 200" at the end of the rule,
> and so on. Finding the exact rule, since some rules are added by the back
> end of M0n0Wall and not visible on the rules page, may make troubleshooting
> When I look at the raw firewall logs, I see the following every
> time I tried to host a game (lan via Hamachi) of Age of Empires III (it
> appears that Hamachi is blocking a broadcast that Age of Empires needs to
> allow you to host/join games). Please note that the xxx.yyyy.zzzz.aaaa is
> the IP address of the Hamachi client and I can play other games just fine
> via Hamachi, just certain ones are failing - all the same way, the block
> 15:09:46.977823 3x em0 @0:12 b xxx.yyyy.zzzz.aaaa,1409 ->
> 255.255.255.255,2299 PR udp len 20 49 IN
> When I do a status.php request and go to the "ipfstat -nio" section,
> I see the following:
> "@12 block in log quick on em0 from !192.168.0.0/24 to any"
> Question, how do I edit a rule I cannot see or find anywhere in the
> web GUI of M0n0Wall? I would like to be able to host/join games with my
> friends via Hamachi but right now it appears that there are certain rules
> that are hard coded into M0n0Wall that I cannot edit/change?
> Thanks for your help,
Put an allow rule in your rule set to allow the traffic. The default
rules are processed after all of your rules.
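
The lookup described in the quoted handbook section (raw log entry `@group:rule` to a line of `ipfstat -nio`), as an added example that is not part of the original thread or of m0n0wall. The function names, the source address in the sample log line and all sample rules except the `@12` block rule are constructed, and matching on direction is an assumption.

```python
import re

# Raw IPFilter log line: time [Nx] iface @group:rule action src,port -> dst,port PR proto ... IN|OUT
LOG_RE = re.compile(
    r"^(?P<time>\S+)\s+(?:(?P<count>\d+)x\s+)?(?P<iface>\S+)\s+"
    r"@(?P<group>\d+):(?P<rule>\d+)\s+(?P<action>\S+)\s+"
    r"(?P<src>\S+?),(?P<sport>\d+)\s+->\s+(?P<dst>\S+?),(?P<dport>\d+)\s+"
    r"PR\s+(?P<proto>\S+).*?\s(?P<dir>IN|OUT)\s*$")
# One "ipfstat -nio" line: @N, action, direction, remainder of the rule.
RULE_RE = re.compile(r"^@(?P<num>\d+)\s+(?P<text>\S+\s+(?P<dir>in|out)\b.*?)\s*$")
GROUP_RE = re.compile(r"\bgroup\s+(\d+)$")

def parse_log_line(line):
    """Return the fields of a raw log line as a dict, or None if it does not parse."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    for key in ("group", "rule", "sport", "dport"):
        entry[key] = int(entry[key])
    return entry

def find_rule(entry, ipfstat_output):
    """Find the ipfstat rule a log entry points at, following the handbook text:
    @0:n is rule n with no trailing group, @1:n has "group 100", @2:n "group 200"."""
    want_group = entry["group"] * 100
    for line in ipfstat_output.splitlines():
        m = RULE_RE.match(line.strip())
        # Assumption: in/out lists are numbered separately, so direction must match too.
        if not m or int(m["num"]) != entry["rule"] or m["dir"].upper() != entry["dir"]:
            continue
        g = GROUP_RE.search(m["text"])
        if (int(g.group(1)) if g else 0) == want_group:
            return m["text"]
    return None

# Constructed sample: the thread's log line with a documentation-range source address.
SAMPLE_LOG = ("15:09:46.977823 3x em0 @0:12 b 198.51.100.7,1409 -> "
              "255.255.255.255,2299 PR udp len 20 49 IN")
# Constructed ipfstat -nio excerpt; only the @12 block rule is taken from the thread.
SAMPLE_IPFSTAT = """\
@12 pass out quick on em0 from any to any keep state
@1 block in quick on em1 all head 100
@12 block in log quick on em0 from !192.168.0.0/24 to any
@1 pass in quick on em1 from 192.168.1.0/24 to any keep state group 100
"""

if __name__ == "__main__":
    e = parse_log_line(SAMPLE_LOG)
    print(f"@{e['group']}:{e['rule']} on {e['iface']} ->", find_rule(e, SAMPLE_IPFSTAT))
```

For the thread's log entry this returns the `block in log quick on em0 from !192.168.0.0/24 to any` rule, which drops any packet arriving on em0 whose source is outside 192.168.0.0/24.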