 From:  Michel Servaes <michel at mcmc dot be>
 To:  Monowall User List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] WAN download <> LAN upload
 Date:  Wed, 09 Jan 2008 23:57:02 +0100
I tried blocking on the WAN interface, then used IGMP as protocol, and 
as destination 224.0.0.1.
For source, I took "any", as the broadcast comes from various IPs 
(sometimes my ISP gateway, sometimes a private IP?)
I also left the private IP on blocked for my WAN (the one that is 
possible to enable in Interfaces:WAN).

I've put the rule in front of all other rules, and made sure the logging 
is not enabled... though the logging still fills with these requests...

It's not really an issue, it's just a bit messy, and the idea about 
blocking it via a rule was a great idea, but it won't do it. (or I did 
it wrong - very possible)



ps. This is the second time I try Monowall in a live situation, but so 
far it really looks cool... great and quite easy interface...  I intend 
to buy an Alix board, so I can have a really fanless solution...


Chris Buechler wrote:
> On Jan 9, 2008 5:06 PM, Michel Servaes <michel at mcmc dot be> wrote:
>   
>> I have a generic pc, with 2 LAN & 1 WAN connection.
>> LAN is my network
>> LAN2 is my neighbour network
>>
>> When going to status: Interfaces, I have on a 2 day base the following
>> transfers :
>>
>>
>> WAN :    219,98MB/58.38MB
>> LAN :    46,32MB/63,17MB
>> LAN2 :   10,33MB/47,14MB
>>
>>
>> When checking the upload on LAN + LAN2, it is somewhat in the
>> neighbourhood of my WAN download
>> But when checking against my WAN upload, it seems that this does not add
>> up to both my LANs.
>>
>>     
>
> It's a 32 bit counter, it rolls over at 4 GB, which is probably the
> reason for the discrepancy.
>
>
>
>   
>> My firewall log shows a lot of ICMP's being blocked to 224.0.0.0 (which
>> I believe is a broadcast of my ISP) - should I ignore this, or should I
>> allow this broadcast into my firewall...
>>
>>     
>
> That's multicast, most likely routing protocols of your ISP. I
> wouldn't worry about it and definitely wouldn't allow it (because that
> would be pointless), you might want to put a non-logging rule on your
> WAN blocking it so you don't get the log noise.
>
> -Chris
>
>
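
An added illustration of the 32-bit counter rollover mentioned in the quoted reply (not code from this thread or from m0n0wall; the function names and sample readings are constructed). It shows how the value displayed on a status page can fall far below the true total once the counter has wrapped, and how polling often enough lets the total be recovered.

```python
WRAP = 2 ** 32  # a 32-bit byte counter rolls over at 4 GiB


def delta32(prev, cur):
    """Bytes between two readings, assuming at most one rollover in between."""
    return (cur - prev) % WRAP


def total_bytes(samples):
    """Sum the wrap-aware deltas over successive readings of one counter."""
    return sum(delta32(a, b) for a, b in zip(samples, samples[1:]))


def rollovers(samples):
    """Count readings lower than their predecessor, i.e. visible wraps."""
    return sum(1 for a, b in zip(samples, samples[1:]) if b < a)


def max_poll_seconds(link_bits_per_second):
    """Longest polling interval that cannot hide a full wrap at line rate."""
    return WRAP * 8 / link_bits_per_second


# Constructed readings of one interface's "bytes in" counter since boot.
WAN_IN = [0, 3_000_000_000, 4_200_000_000, 105_032_704, 400_000_000]

if __name__ == "__main__":
    shown = WAN_IN[-1]            # what a status page reading the raw counter shows
    actual = total_bytes(WAN_IN)  # what really crossed the interface
    print(f"displayed counter : {shown / 1e6:9.2f} MB")
    print(f"wrap-aware total  : {actual / 1e6:9.2f} MB")
    print(f"rollovers seen    : {rollovers(WAN_IN)}")
    print(f"poll at least every {max_poll_seconds(100_000_000):.0f} s on 100 Mbit/s")
```

If more than one rollover happens between two readings, the lost multiples of 4 GiB cannot be recovered from the counter alone, which is why the polling interval matters.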