[ previous ] [ next ] [ threads ]
 
 From:  "Paul Taylor" <PaulTaylor at winn dash dixie dot com>
 To:  "Brieseneck, Arne, VF-Group" <Arne dot Brieseneck at vodafone dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] RE: SSH rule dows not work
 Date:  Mon, 10 Sep 2007 10:43:56 -0400
Also, it shows the destination as 192.168.50.190 in the log, but the
rule is for 192.168.50.90.  Is that a typo in your email, or is there a
typo in the rule?

-----Original Message-----
From: Paul Taylor [mailto:PaulTaylor at winn dash dixie dot com] 
Sent: Monday, September 10, 2007 10:42 AM
To: Brieseneck, Arne, VF-Group; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] RE: SSH rule dows not work


TCP   10.5.40.34:22  --> 192.168.50.90:22

denied 1632:45364880   WAN   10.5.40.34:4502  -->
192.168.50.190:22

It is doing exactly what you've configured it to do.  Your source port
is configured as 22.  It is being denied because the source port is
4502.



-----Original Message-----
From: Brieseneck, Arne, VF-Group [mailto:Arne dot Brieseneck at vodafone dot com] 
Sent: Monday, September 10, 2007 10:37 AM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] RE: SSH rule dows not work

 

	Hi all,
	 
	it seems as if my ssh rule for traffic coming from WAN towards a
server in LAN dows not work. 
	 
	The configuration is very simple. And without the rule deny
which should allow this traffic and an any-any therefore it is working.
So routing etc. is fine.
	 
	This is the config: 
	TCP   10.5.40.34:22  --> 192.168.50.90:22 
	
	 
	 
	and the flow back is allowed in the LAN section: 
	* LANnet:*  --> *:*
	 
	 
	
	 
	But here is the error: 
	denied 1632:45364880   WAN   10.5.40.34:4502  -->
192.168.50.190:22 
	 
	
	 
	This sounds strange to me, because SSH only needs port 22 and no
passive ports like FTP.
	 
	Has anyone a hint?
	 
	 
	Thanks a lot for your help


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch