 From:  "Mike Donegi" <mandoneg at sarenet dot es>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  sis0 blocking email traffic
 Date:  Sun, 27 Jun 2004 09:59:36 +0200
email server             monowall          cisco adsl
192.168.0.1----192.168.0.254(sis0) / 10.0.0.1(sis1) -- 10.0.0.254 --internet


Incoming connection from rule
pass in log quick proto tcp from 192.148.x.x/32 to 192.168.0.1/32 port = 25
keep state group 200

sis1 @200:1 p 192.148.x.x,51256 -> 192.168.0.1,25 PR tcp len 20 48 -S K-S IN
sis0 @200:1 p 192.148.x.x,51256 -> 192.168.0.1,25 PR tcp len 20 48 -S K-S OUT

But the email server's SYN-ACK is blocked by sis0

sis0 @0:17 b 192.168.0.1,25 -> 192.148.x.x,51251 PR tcp len 20 48 -AS IN
sis0 @0:17 b 192.168.0.1,25 -> 192.148.x.x,51176 PR tcp len 20 48 -AS IN

Rule 17 is the default rule
block in log quick proto tcp from any to any

The default rule LAN -> any is ignored
pass in quick from 192.168.0.0/24 to 192.168.0.254/32 keep state group 100
pass in quick from 192.168.0.0/24 to any keep state group 100

help...