[ previous ] [ next ] [ threads ]
 
 From:  Adam Nellemann <adam at nellemann dot nu>
 To:  Thomas Hertz <term at cynisk dot net>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] default ruleset
 Date:  Fri, 28 May 2004 20:56:54 +0200 
Thomas Hertz wrote:
> You can see for yourself using "ipfstat -o" in the exec.php that this is so.
> 
> $ ipfstat -o
> pass out quick on lo0 from any to any
> pass out quick on sis1 proto udp from 192.168.0.1/32 port = 67 to any port =
> 68
> pass out quick on sis0 proto udp from any port = 68 to any port = 67
> pass out quick on sis1 from any to any keep state
> pass out quick on sis0 from any to any keep state
> pass out quick on sis2 from any to any keep state
> block out log quick from any to any
> 
> The same goes for "ipfstat -i", for inwards.

So your'e saying that the LAN interface IS blocked by a default rule? 
(Since I see a "block in log quick from any to any" at the bottom of 
my ipfstat -i output.)


Adam.