|
||||||||
Hi, Vincent Fleuranceau --> m0n0wall (2004-07-23 16:54:42 +0200): > >has explicit rules to let these connections pass they are blocked > >because of an automatically generated rule wich is evaluated > >earlier: > > >Is this a bug in m0n0wall or am I missing something? > > There are hard-coded rules (anti-spoof check for LAN and OPT interfaces) > in m0n0wall that cannot be disabled. Because of the "quick" keyword, > user-defined rules (which come after the anti-spoof check) have no > effect... Not a bug, a design choice. Sorry :-( > > Read the code in filer.inc and you'll see why. Ah, yes, I see. ...and thanks to the firmware upload option in the webGUI it easy to fix permanently without having to have physical access to the device. What a great software package! Cheers, Jukka -- bashian roulette: $ ((RANDOM%6)) || rm -rf ~ |