 From:  "David Burgess" <apt dot get at gmail dot com>
 Cc:  "Monowall User List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] lan firewall rules
 Date:  Fri, 14 Nov 2008 07:20:39 -0700
On Thu, Nov 13, 2008 at 12:03 PM, Nuno Meireles
<nuno dot meireles at cm dash penela dot pt> wrote:
> I set up a monowall box today, but have some with the firewall rules.
>
> I need to allow traffic from lan->Wan : http ftp pop smtp and block
> everything else.
>
> This is my setup
>
> Pro      Source    Port          Dest   Port
> TCP      *         53 (DNS)      *      *
> TCP      LAN net   80 (HTTP)     *      *
> TCP      *         110 (POP3)    *      *
> TCP/UDP  *         25 (SMTP)     *      *
> TCP/UDP  *         443 (HTTPS)   *      *
> TCP/UDP  *         21 (FTP)      *      *
> TCP      LAN net   *             *      *
>
> Can you help???


These should be destination ports, not source ports.
Your last rule should be drop, not allow.
I think you need UDP as well as TCP to port 53 for DNS queries.


db
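
The effect of the three corrections in this reply, as an added example that is not part of the original mail and is not m0n0wall code. It assumes a simplified first-match filter with an implicit block when nothing matches; the names `Rule`, `Pkt`, `evaluate`, `apply_reply` and the sample packets are constructed for illustration.

```python
# Added illustration (not m0n0wall code): a minimal first-match filter model.
# Assumptions: rules are checked top-down, first match wins, no match = block.
from collections import namedtuple

Rule = namedtuple("Rule", "action protos src sport dport")
Pkt = namedtuple("Pkt", "proto src sport dport")
LAN = "LAN net"

def matches(rule, pkt):
    """A field matches when the rule holds '*' or the packet's exact value."""
    return (pkt.proto in rule.protos
            and rule.src in ("*", pkt.src)
            and rule.sport in ("*", pkt.sport)
            and rule.dport in ("*", pkt.dport))

def evaluate(rules, pkt):
    """Return the action of the first matching rule, or 'block' if none match."""
    return next((r.action for r in rules if matches(r, pkt)), "block")

# The rules as posted: service ports sit in the source-port column, allow-all last.
POSTED = [
    Rule("pass", {"tcp"}, "*", 53, "*"),
    Rule("pass", {"tcp"}, LAN, 80, "*"),
    Rule("pass", {"tcp"}, "*", 110, "*"),
    Rule("pass", {"tcp", "udp"}, "*", 25, "*"),
    Rule("pass", {"tcp", "udp"}, "*", 443, "*"),
    Rule("pass", {"tcp", "udp"}, "*", 21, "*"),
    Rule("pass", {"tcp"}, LAN, "*", "*"),
]

def apply_reply(rules):
    """Apply the three corrections from the reply to a posted rule list."""
    fixed = [r._replace(sport="*", dport=r.sport) for r in rules[:-1]]  # dest ports
    fixed[0] = fixed[0]._replace(protos={"tcp", "udp"})                 # DNS over UDP too
    fixed.append(rules[-1]._replace(action="block"))                    # last rule drops
    return fixed

# Constructed sample traffic: a LAN client using ephemeral source port 49152.
SAMPLES = {
    "http": Pkt("tcp", LAN, 49152, 80),
    "dns-udp": Pkt("udp", LAN, 49152, 53),
    "ssh": Pkt("tcp", LAN, 49152, 22),
}

def compare():
    """Map each sample name to (verdict under POSTED, verdict after the fixes)."""
    fixed = apply_reply(POSTED)
    return {n: (evaluate(POSTED, p), evaluate(fixed, p)) for n, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, *verdicts)
```

Under the posted rules the port-specific lines never match ordinary client traffic, so HTTP only passes because of the final allow-all rule, which also passes SSH, while UDP DNS is blocked.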