I have my first m0n0wall installation up and running and it looks very good.
I have set up things as following:
wan (external ip)
I have a webserver on the lan at IP 10.0.0.10. I have set up NAT. The server
is being DDOS'ed by a few IP addresses on port 80 and I wan't to reject
these IP adresses and all ports (source+dest).
I'm a little confused about whether putting these reject rules on the WAN or
LAN? I thought WAN was the correct place, but I still see traffic coming
through. Any ideas?