 From:  Tim Nelson <tnelson at rockbochs dot com>
 To:  Monowall User List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] lan firewall rules
 Date:  Thu, 13 Nov 2008 13:11:44 -0600 (CST)
You haven't actually said what type of problem you're having... however looking at your rules... I'd
say there are a few changes you need to make.

1. Your port assignments should be in the "Destination" fields, not the "Source" fields.
2. Your rule for DNS should also/instead allow UDP.
3. Source should always be LAN net for that interface.
4. UDP is unneeded on protocols FTP, HTTPS, and SMTP.

Please make those changes and post more information if the problems persist.

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

----- "Nuno Meireles" <nuno dot meireles at cm dash penela dot pt> wrote:

> I set up a monowall box today, but have some problems with the firewall rules.
> 
> I need to allow traffic from LAN->WAN: http ftp pop smtp and block
> everything else.
> 
> This is my setup
> 
> Pro      Source   Port         Dest  Port
> TCP      *        53 (DNS)     *     *
> TCP      LAN net  80 (HTTP)    *     *
> TCP      *        110 (POP3)   *     *
> TCP/UDP  *        25 (SMTP)    *     *
> TCP/UDP  *        443 (HTTPS)  *     *
> TCP/UDP  *        21 (FTP)     *     *
> TCP      LAN net  *            *     *
> 
> Can you help???
> 
> Nuno Meireles
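
The four points in the reply above, applied mechanically to the posted rule set. This is an added example, not part of the original thread; the `Rule` field names and the `lint`/`fix` helpers are hypothetical, and the rows are transcribed from the quoted table.

```python
# Added example: lints LAN rules against the four points in the reply.
# Rule rows are transcribed from the quoted table; field names are hypothetical.
from collections import namedtuple

Rule = namedtuple("Rule", "proto src sport dst dport")

POSTED = [  # the rule set as posted in the quoted message
    Rule("TCP", "*", "53", "*", "*"),
    Rule("TCP", "LAN net", "80", "*", "*"),
    Rule("TCP", "*", "110", "*", "*"),
    Rule("TCP/UDP", "*", "25", "*", "*"),
    Rule("TCP/UDP", "*", "443", "*", "*"),
    Rule("TCP/UDP", "*", "21", "*", "*"),
    Rule("TCP", "LAN net", "*", "*", "*"),
]
TCP_ONLY = {"21", "443", "25"}  # FTP, HTTPS, SMTP (point 4)

def lint(rule):
    """Return the numbers of the reply's points that this rule violates."""
    hits = []
    # The service port may sit in either column; use whichever is set.
    port = rule.dport if rule.dport != "*" else rule.sport
    if rule.sport != "*":
        hits.append(1)  # port belongs in Destination, not Source
    if port == "53" and "UDP" not in rule.proto:
        hits.append(2)  # DNS rule must allow UDP
    if rule.src != "LAN net":
        hits.append(3)  # source should be LAN net on the LAN interface
    if port in TCP_ONLY and "UDP" in rule.proto:
        hits.append(4)  # UDP unneeded for FTP, HTTPS, SMTP
    return hits

def fix(rule):
    """Apply the four points to one rule and return the corrected rule."""
    port = rule.dport if rule.dport != "*" else rule.sport
    proto = rule.proto
    if port == "53":
        proto = "TCP/UDP"  # point 2, taking the "also" reading
    elif port in TCP_ONLY:
        proto = "TCP"
    return Rule(proto, "LAN net", "*", rule.dst, port)

if __name__ == "__main__":
    for r in POSTED:
        print(lint(r), "->", fix(r))
```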