[ previous ] [ next ] [ threads ]
 
 From:  Dinesh Nair <dinesh at alphaque dot com>
 To:  Martin Holst <mail at martinh dot dk>
 Cc:  christian at nyegaard dot net, <m0n0wall at lists dot m0n0 dot ch>, =?iso-8859-1?Q?Michael_=D8stergaard_Pedersen?= <michael at bytopia dot dk>
 Subject:  RE: [m0n0wall] Possible bug: LAN redirection via static route
 Date:  Mon, 17 May 2004 23:28:23 +0800 (MYT) 
On Mon, 17 May 2004, Martin Holst wrote:

> Only the first SYN-packets are passed via rule @2 - all other are
> apparently blocked by @68.

since @2 is a group 100, and only packets failing the head 100 rule would
drop into @2, it would perhaps be more informative if you posted the
entire ruleset which is causing this to happen.

--dinesh


> /Martin
>
> -----Original Message-----
> From: Christian Nyegaard [mailto:christian at nyegaard dot net]
> Sent: 17. maj 2004 14:33
> To: Martin Holst
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall] Possible bug: LAN redirection via static route
>
> Hi,
>
>
> > What could cause m0n0wall to skip this rule:
> > "@2 pass in quick from 192.168.1.0/24 to any keep state group 100"
> > And apply this one instead?
> > "@68 block in log quick proto tcp from any to any"
>
> The @2 rule there.. Which m0n0wall is this on?
>
> I might've misunderstood this completely, but that is a pass in quick rule
> On the monowall so I presume this rule is on the m0n0wall in front
> Of the 172.16 network?
>
> You may also want to enable logging for @2 to see if it's actually
> Noticing anything going by it.
>
> Then again I might've completely missed the point and be way off here.
>
>
> -Chris
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>

Regards,                           /\_/\   "All dogs go to heaven."
dinesh at alphaque dot com                (0 0)    http://www.alphaque.com/
+==========================----oOO--(_)--OOo----==========================+
| for a in past present future; do                                        |
|   for b in clients employers associates relatives neighbours pets; do   |
|   echo "The opinions here in no way reflect the opinions of my $a $b."  |
| done; done                                                              |
+=========================================================================+