I run monowall with three interfaces, one for WAN and two for my LAN. The first for the LAN is directly connected to the physical LAN, the other is connected to an access point and I call it WLAN. This second one (WLAN) is bridged to the LAN interface, so both share the same IP range (192.168.77.x). On this WLAN interface the rules are somewhat more restricted than on the LAN.

What I don't understand is that I see traffic being blocked by monowall that seems to come from IP addresses on the internet like 71.28.82.220 or 189.188.32.99 but coming in on the WLAN interface! I am pretty sure they cannot come in on the access point itself as it is running with a hidden SSID, WPA2 combined with MAC address filtering. And there is no NAT rule sending anything from the WAN interface to the WLAN interface; the only NAT there is one redirecting port 25 to my mail server that is on the LAN.

But the traffic being blocked is *mostly* towards this port 25. Like this one: WLAN 189.188.32.99, port 2410 192.168.77.253, port 25. The mail server is on that IP address. It is just that you cannot reach it from the WLAN interface, only from WAN.

So where do they come from?

Wilko