On Thu, Nov 13, 2008 at 12:03 PM, Nuno Meireles
<nuno dot meireles at cm dash penela dot pt> wrote:
> I set up a monowall box today, but have some with the firewall rules.
>
> I need to allow traffic from lan->Wan : http ftp pop smtp and block
> everything else.
>
> This is my setup
>
> Proto    Source   Port         Dest  Port
> TCP      *        53 (DNS)     *     *
> TCP      LAN net  80 (HTTP)    *     *
> TCP      *        110 (POP3)   *     *
> TCP/UDP  *        25 (SMTP)    *     *
> TCP/UDP  *        443 (HTTPS)  *     *
> TCP/UDP  *        21 (FTP)     *     *
> TCP      LAN net  *            *     *
>
> Can you help???
These should be destination ports, not source ports.
Your last rule should be drop, not allow.
I think you need UDP as well as TCP to port 53 for DNS queries.
db
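
The three points in the reply above, written as checks over the quoted rule table. This is an added example, not part of the original thread; the tuple layout, the `pass`/`block` action names, the function names and the assumption that every quoted row is a pass rule are made up here for illustration.

```python
# Constructed input: the rule table from the quoted message, one tuple per row:
# (proto, source, source_port, dest, dest_port, action).
# Assumption: every row is a pass rule, as the reply implies for the last one.
QUOTED = [
    ("TCP", "*", "53", "*", "*", "pass"),
    ("TCP", "LAN net", "80", "*", "*", "pass"),
    ("TCP", "*", "110", "*", "*", "pass"),
    ("TCP/UDP", "*", "25", "*", "*", "pass"),
    ("TCP/UDP", "*", "443", "*", "*", "pass"),
    ("TCP/UDP", "*", "21", "*", "*", "pass"),
    ("TCP", "LAN net", "*", "*", "*", "pass"),
]

def lint(rules):
    """Return (row_number, finding) pairs for the mistakes named in the reply."""
    findings = []
    for i, (proto, _src, sport, _dst, dport, _action) in enumerate(rules, 1):
        # A service port belongs in the destination column; clients connect
        # from arbitrary ephemeral source ports.
        if sport != "*" and dport == "*":
            findings.append((i, "service port is in the source column"))
        port = dport if dport != "*" else sport
        if port == "53" and "UDP" not in proto:
            findings.append((i, "DNS rule lacks UDP"))
    _proto, _src, sport, _dst, dport, action = rules[-1]
    # A final pass rule with wildcard ports undoes the per-service rules above it.
    if action == "pass" and sport == "*" and dport == "*":
        findings.append((len(rules), "final rule passes every port"))
    return findings

def corrected(rules):
    """Apply the reply's fixes: ports to destination, UDP for DNS, last rule blocks."""
    out = []
    for i, (proto, src, sport, dst, dport, action) in enumerate(rules, 1):
        if sport != "*" and dport == "*":
            sport, dport = "*", sport
        if dport == "53" and "UDP" not in proto:
            proto = "TCP/UDP"
        if i == len(rules) and sport == "*" and dport == "*":
            action = "block"
        out.append((proto, src, sport, dst, dport, action))
    return out

if __name__ == "__main__":
    for row, finding in lint(QUOTED):
        print(f"rule {row}: {finding}")
    for rule in corrected(QUOTED):
        print(rule)
```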