Hello all,
Could anybody explain to me a very strange behavior of the m0n0wall filter? What
am I doing wrong?
m0n0 1.0b1 and 1.0 - I've tried both
m0n0 Interfaces:
vr1 - internal
vr0 - external
m0n0 addresses:
vr0 - 217.xx.xx.11
vr1 - 192.168.0.79
LAN: 192.168.0.0/24
NAT 1:1
217.xx.xx.10 <-> 192.168.0.80
Arp proxy :
217.xx.xx.10
Rules:
WAN interface
Proto    Source          Port  Destination  Port  Description
ICMP     *               *     *            *
*        217.xx.xx.8/29  *     *            *
TCP/UDP  *               *     LAN net      *
LAN interface
Proto    Source          Port  Destination  Port  Description
*        LAN net         *     *            *     Default LAN -> any
I try to reach 217.xx.xx.10 (192.168.0.80) from the outside.
m0n0 logs:
Last 50 firewall log entries
19:22:01.911042 vr1 @0:11 b 192.168.0.80,22 -> 19x.1x.2x.2x,33233 PR tcp len 20 60 -AS IN
19:21:55.910634 vr1 @0:11 b 192.168.0.80,22 -> 19x.1x.2x.2x,33233 PR tcp len 20 60 -AS IN
19:21:52.912718 vr1 @0:11 b 192.168.0.80,22 -> 19x.1x.2x.2x,33233 PR tcp len 20 60 -AS IN
19:18:26.736607 vr1 @0:11 b 192.168.0.80,22 -> 19x.1x.2x.2x,33138 PR tcp len 20 60 -AS IN
i.e. the default rule on the internal interface blocks outbound
(incoming to vr1) traffic. Well, but why can I ping, ssh and so on
_from_ 192.168.0.80????
> [com@P733 com]$ ping 217.18.136.66
> PING 217.18.136.66 (217.18.136.66) from 192.168.0.80 : 56(84) bytes of data.
> 64 bytes from 217.18.136.66: icmp_seq=0 ttl=242 time=71.552 msec
> 64 bytes from 217.18.136.66: icmp_seq=1 ttl=242 time=69.965 msec
When I try to show the rule list via exec.php I get:
$ ipfw show
ipfw: getsockopt(IP_FW_GET): Protocol not available
Why doesn't the LAN rule match? What do I have to repair or modify?
Thanking you in advance
--
Best regards,
Serge mailto:serge at artlife dot tomsknet dot ru |
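The four log lines above are in the format ipmon (the IPFilter logger m0n0wall uses) emits: interface, `@group:rule`, action (`b` blocked / `p` passed), source and destination with ports, protocol, header and packet length, TCP flags after a dash (`-AS` is SYN+ACK, the second packet of a handshake) and the direction relative to the interface. The following parser and filter is an added example written for this page, not code from the post or from m0n0wall; it pulls those fields apart and isolates blocked SYN+ACK packets, which are replies from a server whose connection had no state entry covering the return half. The sample log is constructed to follow the layout of the post's lines, with the outside address replaced by a documentation address (198.51.100.25) and two extra passed lines added for contrast.

```python
"""Parse ipmon-style firewall log lines and flag blocked TCP replies.

Added example for this page; not part of the original post or of m0n0wall.
The sample log is constructed to mirror the layout of the post's log lines.
"""
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample, same layout as the post's "Last 50 firewall log entries".
SAMPLE_LOG = """\
19:22:01.911042 vr1 @0:11 b 192.168.0.80,22 -> 198.51.100.25,33233 PR tcp len 20 60 -AS IN
19:21:55.910634 vr1 @0:11 b 192.168.0.80,22 -> 198.51.100.25,33233 PR tcp len 20 60 -AS IN
19:21:52.912718 vr1 @0:11 b 192.168.0.80,22 -> 198.51.100.25,33233 PR tcp len 20 60 -AS IN
19:18:26.736607 vr1 @0:11 b 192.168.0.80,22 -> 198.51.100.25,33138 PR tcp len 20 60 -AS IN
19:18:20.101001 vr0 @0:3 p 198.51.100.25,33138 -> 203.0.113.10,22 PR tcp len 20 60 -S IN
19:18:21.222333 vr1 @0:9 p 192.168.0.80 -> 198.51.100.25 PR icmp len 20 84 icmp 8/0 IN
"""

# One ipmon line: time iface @group:rule action src[,sport] -> dst[,dport]
#                 PR proto len hlen plen [-TCPFLAGS] [icmp type/code] IN|OUT
LOG_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?P<iface>\S+)\s+"
    r"@(?P<group>\d+):(?P<rule>\d+)\s+"
    r"(?P<action>[bpnSL])\s+"
    r"(?P<src>[^\s,]+)(?:,(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>[^\s,]+)(?:,(?P<dport>\d+))?\s+"
    r"PR\s+(?P<proto>\w+)\s+len\s+(?P<hlen>\d+)\s+(?P<plen>\d+)"
    r"(?:\s+-(?P<flags>[A-Z]+))?"
    r"(?:\s+icmp\s+(?P<icmp>\d+/\d+))?"
    r"\s+(?P<direction>IN|OUT)\s*$"
)


@dataclass(frozen=True)
class LogEntry:
    time: str
    iface: str
    group: int
    rule: int
    action: str            # 'b' blocked, 'p' passed (others: n, S, L)
    src: str
    sport: Optional[int]   # None for protocols without ports (ICMP)
    dst: str
    dport: Optional[int]
    proto: str
    flags: str             # TCP flag letters as ipmon prints them, '' if none
    direction: str         # 'IN' or 'OUT' relative to iface

    @property
    def blocked(self) -> bool:
        return self.action == "b"

    @property
    def is_syn_ack(self) -> bool:
        # Order of the letters does not matter; SYN+ACK and nothing else.
        return self.proto == "tcp" and set(self.flags) == {"A", "S"}


def parse_line(line: str) -> Optional[LogEntry]:
    """Return a LogEntry, or None if the line is not an ipmon record."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    port = lambda v: int(v) if v is not None else None
    return LogEntry(
        time=m["time"], iface=m["iface"], group=int(m["group"]),
        rule=int(m["rule"]), action=m["action"],
        src=m["src"], sport=port(m["sport"]),
        dst=m["dst"], dport=port(m["dport"]),
        proto=m["proto"].lower(), flags=m["flags"] or "",
        direction=m["direction"],
    )


def parse_log(text: str) -> List[LogEntry]:
    """Parse every recognisable line; silently skip UI headers and junk."""
    return [e for e in (parse_line(l) for l in text.splitlines()) if e]


def blocked_replies(entries: List[LogEntry]) -> List[LogEntry]:
    """Blocked SYN+ACK packets: the server half of a handshake that hit a
    block rule, i.e. the matching SYN left no state entry for the reply."""
    return [e for e in entries if e.blocked and e.is_syn_ack]


def blocks_by_rule(entries: List[LogEntry]) -> Counter:
    """Count blocked packets per (interface, @group:rule) for triage."""
    return Counter((e.iface, f"@{e.group}:{e.rule}") for e in entries if e.blocked)


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    for e in blocked_replies(entries):
        print(f"{e.time} {e.iface} @{e.group}:{e.rule} blocked SYN+ACK "
              f"{e.src}:{e.sport} -> {e.dst}:{e.dport} {e.direction}")
    print(dict(blocks_by_rule(entries)))
```

Run against a saved copy of the m0n0wall log page, the `blocks_by_rule` counter tells you which interface and rule number is eating the traffic, and `blocked_replies` separates blocked handshake replies from blocked fresh SYNs, which need different fixes (state handling versus a missing pass rule).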