[ previous ] [ next ] [ threads ]
 
 From:  Adam Nellemann <adam at nellemann dot nu>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Blocks in the log, despite pass all?
 Date:  Sun, 29 Feb 2004 22:20:30 +0100
Hi,

I see some log entries that I don't really understand:

Here's an example of the log output:

22:01:13.871157 wi0 @0:19 b 192.168.32.128,4762 ->
xxx.xxx.xxx.xxx,4334 PR tcp len 20 194 -AP IN


My pass-all firewall rule for the wi0 interface is:

*  IntraNet  *  *  *

(The "IntraNet" alias is this network: 192.168.32.0/23, which should 
cover the LAN, 192.168.33.xxx as well as the OPT1/wi0, 192.168.32.xxx.)

Now, why do I still see what appears to be a block on the wi0 
interface in the log with this rule enabled?

= = =

While I'm at it: Is it correct that the most limited rule that will 
still allow all packets through to/from anywhere on the OPT1 interface is:

* OPT1 Net * * *

Or possibly even:

* OPT1 Net * !OPT1 Net *

Or will it be just as "safe" to use:

* * * * *

My OPT1 is a wireless AP, so I want to limit this interface as much as 
possible, while allowing all traffic through to/from my own wireless 
hosts.

Thanks,

Adam.