[ previous ] [ next ] [ threads ]
 From:  "Bosse Timothy" <Bosse dot tf at mellon dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Outbound Rules
 Date:  Sun, 1 Aug 2004 21:31:49 -0400
Jon:  The rule should reside on the WAN interface as m0n0wall manages
all of it's interfaces.

Fred:  Wouldn't it be reasonable for m0n0wall to generate traffic if
it's using the firmware version checker (only started from the firmware
admin page), or if you were downloading the latest version of the
firmware (again, must be accessing admin pages?

Both:  There should still be major concern if there is any amount of
traffic flowing that isn't started by the user (administrator/owner).

Tim Bosse

-----Original Message-----
From: Fred Wright [mailto:fw at well dot com] 
Sent: Sunday, August 01, 2004 9:21 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Outbound Rules

On Fri, 30 Jul 2004, Jon Tackabury wrote:

> What if the traffic is being generated by the firewall?  If it is 
> going out the WAN interface, what rule do I put the interface on?

Why would the firewall be initiating connections on its own?  Unless
it's been compromised, in which case why do you think its own filter
would help? :-)

					Fred Wright

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch