> -----Original Message-----
> From: Stephen Angell [mailto:stephen dot angell at gbsd dot org]
> Sent: Monday, February 23, 2004 2:01 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] rules rule me
>
> Hi. I am a new m0n0wall user. I just set it up Saturday.
>
> I am trying to set up Netmeeting capability on a "generic-pc-cdrom" version
> 1.0 built on Feb 15, 2004 m0n0wall. For the inbound, from the WAN, I have
> set the following parameters in the webGUI:
>
> Pass WAN TCP ANY * 192.168.1.31 1720 Allow Frag packets

Opening a port in your firewall won't magically cause GRC to see that the
port is open. A PASS rule bypasses the firewall. If there is a place for the
packet to go once it passes the firewall rule (say, your listening SMTP
server on port 25), then GRC will see the mail server and tell you the port
is open. If, however, you have a rule to PASS with nothing to pass to (if
you haven't set NAT on the port, or m0n0wall doesn't have the port open),
it'll hit the top stack and return a reset packet, telling GRC it's
"closed".

> Background info: My ISP has given me a bank of WAN IPs to use, so I am
> doing 1:1 NAT. My Win2K PC has a LAN static IP (specified on the DHCP
> page) and a corresponding WAN IP (specified on the Firewall:NAT page on
> the 1:1 tab).
>
> When I run a port scan from GRC's Shields Up site
> (http://grc.com/x/ne.dll?rh1dkyd2), it says the 1720 port is not stealth,
> but closed. Why is this port closed when I set up the above rule to open
> it? Is there a default HIDDEN rule that blocks everything coming in on the
> WAN, or do I have to create one and put it at the bottom of the WAN rules
> list (which I have tried)?

No. Read above.

> Also, I am a little (read: a lot) confused about the "/32" stuff at the end
> of the IP field. I know this is how I can specify a range of IPs, but I
> haven't been able to find any documentation or the proper search term to
> educate myself. Any direction there would be fabulous as well.

This is called Classless Interdomain Routing (CIDR). I believe it is,
anyway; I'm not looking it up and I've been out of Cisco for a while. At
any rate, to keep things brief:

32 is a single host, 24 is 255.255.255.0, 16 is 255.255.0.0, 8 is
255.0.0.0, 0 is the world.

The /number corresponds to the number of bits you want to use as the
network number (leaving what's left as the host number). For a
255.255.255.0 mask the first three octets are network numbers, the last is
host. 255 is represented by 8 "on" bits, and 8*3 equals 24, hence the /24
for the typical class C address.

> Now all this may well be explained in the archives, but I could not find it,
> so thanks in advance for your patience and any answers provided.
>
> Stephen Angell
> Computer Specialist
> Gov. Baxter School for the Deaf
> Mackworth Island
> Falmouth, Me 04105
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Brandon

PS: this bottom posting thing is new to me, is this where I put my name :)
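The prefix-length arithmetic Brandon describes above, worked through as an added example (not code from the thread or from m0n0wall): it builds the netmask by turning on the top N of 32 bits, inverts that to recover a prefix length while rejecting non-contiguous masks, counts the addresses a prefix covers (useful for sizing the "bank of WAN IPs" used for 1:1 NAT), and checks whether a firewall rule written with a given CIDR would match a given packet address. The rule and packet addresses are constructed for illustration; the only library dependency is Python's standard `ipaddress` module, which is used as an independent cross-check of the hand-rolled bit math.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF  # 32 bits set: the widest IPv4 mask


def prefix_to_netmask(prefix: int) -> str:
    """Dotted-quad netmask for /prefix: the top `prefix` bits of 32 are 1."""
    if not 0 <= prefix <= 32:
        raise ValueError("IPv4 prefix length must be between 0 and 32")
    mask = (ALL_ONES << (32 - prefix)) & ALL_ONES  # /0 -> 0, /32 -> all ones
    return ".".join(str((mask >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def _netmask_value(netmask: str) -> int:
    octets = [int(o) for o in netmask.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"malformed netmask: {netmask!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def is_valid_netmask(netmask: str) -> bool:
    """A legal mask is a run of 1 bits followed by a run of 0 bits, nothing else."""
    try:
        value = _netmask_value(netmask)
    except ValueError:
        return False
    ones = bin(value).count("1")
    return ((ALL_ONES << (32 - ones)) & ALL_ONES) == value


def netmask_to_prefix(netmask: str) -> int:
    """Inverse of prefix_to_netmask: count the leading 1 bits."""
    if not is_valid_netmask(netmask):
        raise ValueError(f"netmask bits are not contiguous: {netmask!r}")
    return bin(_netmask_value(netmask)).count("1")


def address_count(prefix: int) -> int:
    """Number of addresses a /prefix covers (the 32 - prefix host bits)."""
    if not 0 <= prefix <= 32:
        raise ValueError("IPv4 prefix length must be between 0 and 32")
    return 1 << (32 - prefix)


def rule_matches(rule_cidr: str, packet_ip: str) -> bool:
    """Would a rule whose address field reads `rule_cidr` match `packet_ip`?

    A /32 matches exactly one host; anything shorter widens the rule to the
    whole network containing that address, which is usually not what a
    per-host pass rule intends.
    """
    network = ipaddress.ip_network(rule_cidr, strict=False)
    return ipaddress.ip_address(packet_ip) in network


def cross_check(prefix: int) -> bool:
    """Agree with the standard library on the mask for a given prefix."""
    expected = str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask)
    return prefix_to_netmask(prefix) == expected


if __name__ == "__main__":
    for p in (32, 24, 16, 8, 0):
        print(f"/{p:<2} -> {prefix_to_netmask(p):<15} ({address_count(p)} addresses)")
    # Constructed rule target from the thread's example versus a neighbour
    # on the same LAN; only the /32 form is a single-host rule.
    for rule in ("192.168.1.31/32", "192.168.1.31/24"):
        hits = [ip for ip in ("192.168.1.31", "192.168.1.200") if rule_matches(rule, ip)]
        print(f"rule {rule} matches {hits}")
```

The cross-check against `ipaddress` is there so you can trust the bit arithmetic before using it in a script that generates rules; `is_valid_netmask` is the guard you want when accepting a mask from a form or a config file, since a mask like 255.0.255.0 is four valid octets but not a valid network boundary.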