[ previous ] [ next ] [ threads ]
 
 From:  Wilko Lunenburg <wilko at sassenheim dot net>
 Cc:  monowall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] strange entry in firewall logs
 Date:  Thu, 17 Jul 2008 23:10:59 +0200
Hi,

No it is not. There can only come in anything from the WAN interface, 
there is only an accesspoint on the OPT interface. And that AP is 
usually not used by anything.

It is just as if (because the LAN is bridged to OPT) the packets for 
some reason get to the OPT interface and "bounce back".


Wilko



Bob Gustafson wrote:
> It does look as though your IP/port addresses are the same, even though 
> on different physical interfaces. Is this what you wanted?
> 
> On Jul 17, 2008, at 15:08, Wilko Lunenburg wrote:
> 
>> Hello everyone,
>>
>> For quite some time it puzzles me why there are entries in the 
>> firewall-log about blocking smtp connections coming in from my OPT 
>> interface, where my access point is connected to. Most of the time 
>> there is nothing using this accesspoint at all.
>>
>> But shorty I began logging valid smtp accesses from the WAN too and 
>> now I see that for some (not all?!?!) smtp accesses from the WAN there 
>> is a corresponding one that seems to come from OPT.
>>
>> The setup I use is: one network-card connected to a modem to the 
>> internet provider. Another card directly connected to the LAN and the 
>> third card connected to an accesspoint. The last one is brigded to the 
>> LAN.
>>
>> It looks like this in the log:
>>
>> 21:38:49.235667    OPT    88.104.127.246, port 1966    
>> 192.168.77.253,    port 25    TCP
>> 21:38:49.233888    WAN    88.104.127.246, port 1966    
>> 192.168.77.253,    port 25    TCP
>>
>> Where the first line is being blocked and the second accepted, can 
>> anyone explain why this happens?
>>
>>
>>
>> -- 
>> Met vriendelijke groet,
>>
>> Wilko Lunenburg
>>
>> ===
>> There are some things so serious you have to laugh at them. - Niels Bohr
>> ===
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 

-- 
Met vriendelijke groet,

Wilko Lunenburg

===
There are some things so serious you have to laugh at them. - Niels Bohr
===