[ previous ] [ next ] [ threads ]
 
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Strange behaviour
 Date:  Thu, 16 Oct 2003 18:44:50 +0200
Hi,

one of my m0n0wall's is put between 2 LAN's (192.168.1.0/24 = LAN and
10.32.0.0/23 = WAN).

I use 1:1 nat to do some sort of port forwarding from the 10.32.1.34 to the
10.32.20.34 address (which is NOT on the LAN side, but one hop away on the
WAN side), I know, this is not how it's done :-).

All works well, but the WAN interface shows 255.255.255.255 as subnet mask,
while this should be 255.255.254.0 (/23)...

does this affect some other settings / rules etc?

Regards,
Joachim

P.S. Is it possible to add a media selector in the GUI for the nic's?
Especially with the soekris and cable issues, this would be welcome... (in a
month or so, I will have some time / system to work on it myself, I hope :-)



status.cgi

***** Server statistics on Thu Oct 16 19:11:28 CEST 2003 *****
***** System uptime *****
 7:11PM  up 19 mins, 0 users, load averages: 0.00, 0.01, 0.00
***** Interfaces *****
sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 10.32.1.11 netmask 0xffffff00 broadcast 10.32.1.255
	inet 10.32.1.34 netmask 0xffffffff broadcast 10.32.1.34
	ether 00:00:24:c0:7f:28
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
sis1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
	ether 00:00:24:c0:7f:29
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
sis2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
	ether 00:00:24:c0:7f:2a
	media: Ethernet autoselect (none)
	status: no carrier
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000 
***** netstat -ni *****
Name  Mtu   Network       Address            Ipkts Ierrs    Opkts Oerrs
Coll
sis0  1500  <Link#1>    00:00:24:c0:7f:28     3209     0      818     0
0
sis0  1500  10.32.1/24    10.32.1.11           446     -      141     -
-
sis0  1500  10.32.1.34/32 10.32.1.34           125     -        0     -
-
sis1  1500  <Link#2>    00:00:24:c0:7f:29     1926     0      184     0
0
sis1  1500  192.168.1     192.168.1.1         1086     -      154     -
-
sis2* 1500  <Link#3>    00:00:24:c0:7f:2a        0     0        0     0
0
ppp0* 1500  <Link#4>                             0     0        0     0
0
sl0*  552   <Link#5>                             0     0        0     0
0
faith 1500  <Link#6>                             0     0        0     0
0
lo0   16384 <Link#7>                             0     0        0     0
0
lo0   16384 127           127.0.0.1              0     -        0     -
-
***** ipfw show *****
ipfw: getsockopt(IP_FW_GET): Protocol not available
***** ipnat -l *****
List of active MAP/Redirect filters:
bimap sis0 10.32.20.34/32 -> 10.32.1.34/32

List of active sessions:

List of active host mappings:
***** ipfstat -v *****
opts 0x40 name /dev/ipl
 IPv6 packets:		in 0 out 0
 input packets:		blocked 1 passed 2600 nomatch 0 counted 0 short 0
output packets:		blocked 0 passed 976 nomatch 0 counted 0 short 0
 input packets logged:	blocked 1 passed 0
output packets logged:	blocked 0 passed 0
 packets logged:	input 0 output 0
 log failures:		input 0 output 0
fragment state(in):	kept 0	lost 0
fragment state(out):	kept 0	lost 0
packet state(in):	kept 579	lost 0
packet state(out):	kept 7	lost 1
ICMP replies:	0	TCP RSTs sent:	0
Invalid source(in):	0
Result cache hits(in):	14	(out):	6
IN Pullups succeeded:	0	failed:	0
OUT Pullups succeeded:	0	failed:	0
Fastroute successes:	0	failures:	0
TCP cksum fails(in):	0	(out):	0
Packet log flags set: (0x20000000)
	packets blocked by filter
***** ipfstat -hio *****
0 pass out quick on lo0 from any to any
4 pass out quick on sis1 proto udp from 192.168.1.1/32 port = 67 to any port
= 68
0 pass out quick on sis0 proto udp from any port = 68 to any port = 67
0 block out quick on sis1 from any to any head 150
0 pass out quick proto udp from 192.168.1.1/32 to 192.168.1.0/24 port = 53
keep state group 150
0 pass out quick proto udp from 192.168.1.1/32 to 192.168.1.0/24 port = 514
keep state group 150
0 pass out quick proto icmp from 192.168.1.1/32 to 192.168.1.0/24 keep state
group 150
2 block out quick on sis0 from any to any head 250
0 pass out quick proto tcp from any to any keep state group 250
2 pass out quick proto udp from any to any keep state group 250
0 pass out quick proto icmp from any to any keep state group 250
0 block out quick from any to any
0 pass in quick on lo0 from any to any
0 block in quick from any to any with short
0 block in quick from any to any with ipopt
4 pass in quick on sis1 proto udp from any port = 68 to 255.255.255.255/32
port = 67
0 pass in quick on sis1 proto udp from any port = 68 to 192.168.1.1/32 port
= 67
0 block in log quick on sis0 from 192.168.1.0/24 to any
0 block in log quick on sis0 proto udp from any port = 67 to 192.168.1.0/24
port = 68
6 pass in quick on sis0 proto udp from any port = 67 to any port = 68
0 block in quick on sis1 from !192.168.1.0/24 to any
22 skip 1 in proto tcp from any to any flags S/FSRA
1 block in quick proto tcp from any to any
121 block in quick on sis1 from any to any head 100
0 pass in quick from 192.168.1.0/24 to 192.168.1.1/32 keep state group 100
121 pass in quick from any to any keep state group 100
0 pass in quick proto tcp/udp from 192.168.1.0/24 to any port = http keep
state group 100
0 pass in quick proto tcp/udp from 192.168.1.0/24 to any port = https keep
state group 100
0 pass in quick proto tcp/udp from 192.168.1.0/24 to 10.32.20.34/32 port =
domain keep state group 100
144 block in log quick on sis0 from any to any head 200
144 pass in quick from any to any keep state group 200
0 pass in quick proto tcp/udp from 10.32.1.44/32 to 192.168.1.0/24 keep
state group 200
0 block in quick from any to any
***** resolv.conf *****
domain brussels.be.oce.net
nameserver 10.32.20.34
nameserver 10.96.64.22
***** Processes *****
USER     PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
root     413 10.0  1.6  1332  832  ??  SN    7:11PM   0:00.12 /bin/sh
status.cgi
root       1  0.0  1.3  1052  688  ??  ILs   6:52PM   0:00.08 /sbin/init --
root       2  0.0  0.0     0    0  ??  DL    6:52PM   0:00.00  (cryptoret)
root       3  0.0  0.0     0    0  ??  DL    6:52PM   0:00.01  (pagedaemon)
root       4  0.0  0.0     0    0  ??  DL    6:52PM   0:00.02  (bufdaemon)
root       5  0.0  0.0     0    0  ??  DL    6:52PM   0:00.02  (vnlru)
root       6  0.0  0.0     0    0  ??  DL    6:52PM   0:00.08  (syncer)
root      43  0.0  1.1   880  536  ??  Ss    6:52PM   0:00.02
/usr/local/sbin/watchdogd
root      78  0.0  2.4  1448 1212  ??  Ss    6:52PM   0:00.19 /sbin/ipmon
-sD
root      83  0.0  1.2   948  632  ??  Is    6:52PM   0:00.18
/usr/sbin/syslogd -ss
root      88  0.0  2.2  2236 1108  ??  Ss    6:52PM   0:00.14
/usr/local/sbin/mini_httpd -c cgi-bin/*|**.php -u root -i
/var/run/mini_httpd.pid
root      97  0.0  1.6  1324  824  d0- I     6:52PM   0:00.25 /bin/sh
/usr/local/bin/runmsntp.sh /var/run/runmsntp.pid /var/run/msntp.pid 300
pool.ntp.org
root     113  0.0  1.7  1328  852  ??  I     6:52PM   0:00.05 /bin/sh
/etc/rc.initial console
root     172  0.0  1.5  1096  744  ??  I     6:52PM   0:00.04
/usr/local/bin/msntp -r -P no -l /var/run/msntp.pid -x 300 pool.ntp.org
nobody   359  0.0  1.4   948  716  ??  SN    7:02PM   0:00.10
/usr/local/sbin/dnsmasq
root     363  0.0  2.8  1772 1436  ??  INs   7:02PM   0:00.02
/usr/local/sbin/dhcpd -cf /var/etc/dhcpd.conf sis1
root     414  0.0  2.3  2244 1168  ??  S     7:11PM   0:00.01
/usr/local/sbin/mini_httpd -c cgi-bin/*|**.php -u root -i
/var/run/mini_httpd.pid
root       0  0.0  0.0     0    0  ??  DLs   6:52PM   0:00.00  (swapper)
root     424  0.0  1.1  1064  580  ??  RN    7:11PM   0:00.00 ps xauww
***** top -b *****
last pid:   425;  load averages:  0.00,  0.01,  0.00  up 0+00:19:39
19:11:29
12 processes:  1 running, 11 sleeping

Mem: 4020K Active, 3324K Inact, 4280K Wired, 4288K Buf, 39M Free
Swap: 


  PID USERNAME PRI NICE  SIZE    RES STATE    TIME   WCPU    CPU COMMAND
  413 root      10  10  1332K   832K wait     0:00 10.00%  0.49% sh
   97 root      10   0  1324K   824K wait     0:00  0.00%  0.00% sh
   78 root      10   0  1448K  1212K nanslp   0:00  0.00%  0.00% ipmon
   83 root       2   0   948K   632K select   0:00  0.00%  0.00% syslogd
   88 root       2   0  2236K  1108K accept   0:00  0.00%  0.00% mini_httpd
  359 nobody     2  10   948K   716K select   0:00  0.00%  0.00% dnsmasq
  113 root       3   0  1328K   852K ttyin    0:00  0.00%  0.00% sh
  172 root       2   0  1096K   744K sbwait   0:00  0.00%  0.00% msntp
   43 root      10   0   880K   536K nanslp   0:00  0.00%  0.00% watchdogd
  363 root       2  10  1772K  1436K select   0:00  0.00%  0.00% dhcpd
  414 root      -6   0  2244K  1168K piperd   0:00  0.00%  0.00% mini_httpd
  425 root      70  10  1856K   920K RUN      0:00  0.00%  0.00% top

***** dhcpd.conf *****
option domain-name "brussels.be.oce.net";
option domain-name-servers 192.168.1.1;
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
ddns-update-style none;
subnet 192.168.1.0 netmask 255.255.255.0 {
	range 192.168.1.250 192.168.1.254;
	option routers 192.168.1.1;
}
***** /conf/ez-ipupdate.cache *****
cat: /conf/ez-ipupdate.cache: No such file or directory
***** df *****
Filesystem 512-blocks  Used Avail Capacity  Mounted on
/dev/md0c       19774 16920  1274    93%    /
procfs              8     8     0   100%    /proc
/dev/ad0a        9854  8586   480    95%    /cf
***** /var/etc/racoon.conf *****
cat: /var/etc/racoon.conf: No such file or directory
***** SPD *****
No SPD entries.
***** SAD *****
No SAD entries.
***** last 200 system log entries *****
Oct 16 18:52:29 ocebe20 /kernel: Waiting (max 60 seconds) for system process
`vnlru' to stop...stopped
Oct 16 18:52:29 ocebe20 /kernel: Waiting (max 60 seconds) for system process
`bufdaemon' to stop...stopped
Oct 16 18:52:29 ocebe20 /kernel: Waiting (max 60 seconds) for system process
`syncer' to stop...stopped
Oct 16 18:52:29 ocebe20 /kernel: 
Oct 16 18:52:29 ocebe20 /kernel: syncing disks... 
Oct 16 18:52:29 ocebe20 /kernel: done
Oct 16 18:52:29 ocebe20 /kernel: Uptime: 2h7m28s
Oct 16 18:52:29 ocebe20 /kernel: Rebooting...
Oct 16 18:52:29 ocebe20 /kernel: Copyright (c) 1992-2003 The FreeBSD
Project.
Oct 16 18:52:29 ocebe20 /kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988,
1989, 1991, 1992, 1993, 1994
Oct 16 18:52:29 ocebe20 /kernel: The Regents of the University of
California. All rights reserved.
Oct 16 18:52:29 ocebe20 /kernel: FreeBSD 4.8-RELEASE #0: Sun Sep 28 16:42:26
CEST 2003
Oct 16 18:52:29 ocebe20 /kernel:
root at nb dot neon1 dot net:/usr/src/sys/compile/M0N0WALL_NET45XX_IPSEC
Oct 16 18:52:29 ocebe20 /kernel: Timecounter "i8254"  frequency 1189162 Hz
Oct 16 18:52:29 ocebe20 /kernel: CPU: AMD Am5x86 Write-Back (486-class CPU)
Oct 16 18:52:29 ocebe20 /kernel: Origin = "AuthenticAMD"  Id = 0x4f4
Stepping = 4
Oct 16 18:52:29 ocebe20 /kernel: Features=0x1<FPU>
Oct 16 18:52:29 ocebe20 /kernel: real memory  = 67108864 (65536K bytes)
Oct 16 18:52:29 ocebe20 /kernel: avail memory = 51838976 (50624K bytes)
Oct 16 18:52:29 ocebe20 /kernel: Preloaded elf kernel "kernel" at
0xc0d14000.
Oct 16 18:52:29 ocebe20 /kernel: Preloaded mfs_root "/mfsroot" at
0xc0d1409c.
Oct 16 18:52:29 ocebe20 /kernel: md0: Preloaded image </mfsroot> 10485760
bytes at 0xc0312120
Oct 16 18:52:29 ocebe20 /kernel: md1: Malloc disk
Oct 16 18:52:29 ocebe20 /kernel: Timecounter "ELAN"  frequency 8333333 Hz
Oct 16 18:52:29 ocebe20 /kernel: npx0: <math processor> on motherboard
Oct 16 18:52:29 ocebe20 /kernel: npx0: INT 16 interface
Oct 16 18:52:29 ocebe20 /kernel: pcib0: <AMD Elan SC520 host to PCI bridge>
on motherboard
Oct 16 18:52:29 ocebe20 /kernel: pci0: <PCI bus> on pcib0
Oct 16 18:52:29 ocebe20 /kernel: sis0: <NatSemi DP83815 10/100BaseTX> port
0xe000-0xe0ff mem 0xa0000000-0xa0000fff irq 10 at device 18.0 on pci0
Oct 16 18:52:29 ocebe20 /kernel: sis0: Ethernet address: 00:00:24:c0:7f:28
Oct 16 18:52:29 ocebe20 /kernel: miibus0: <MII bus> on sis0
Oct 16 18:52:29 ocebe20 /kernel: ukphy0: <Generic IEEE 802.3u media
interface> on miibus0
Oct 16 18:52:29 ocebe20 /kernel: ukphy0:  10baseT, 10baseT-FDX, 100baseTX,
100baseTX-FDX, auto
Oct 16 18:52:29 ocebe20 /kernel: sis1: <NatSemi DP83815 10/100BaseTX> port
0xe100-0xe1ff mem 0xa0001000-0xa0001fff irq 11 at device 19.0 on pci0
Oct 16 18:52:29 ocebe20 /kernel: sis1: Ethernet address: 00:00:24:c0:7f:29
Oct 16 18:52:29 ocebe20 /kernel: miibus1: <MII bus> on sis1
Oct 16 18:52:29 ocebe20 /kernel: ukphy1: <Generic IEEE 802.3u media
interface> on miibus1
Oct 16 18:52:29 ocebe20 /kernel: ukphy1:  10baseT, 10baseT-FDX, 100baseTX,
100baseTX-FDX, auto
Oct 16 18:52:29 ocebe20 /kernel: sis2: <NatSemi DP83815 10/100BaseTX> port
0xe200-0xe2ff mem 0xa0002000-0xa0002fff irq 5 at device 20.0 on pci0
Oct 16 18:52:29 ocebe20 /kernel: sis2: Ethernet address: 00:00:24:c0:7f:2a
Oct 16 18:52:29 ocebe20 /kernel: miibus2: <MII bus> on sis2
Oct 16 18:52:29 ocebe20 /kernel: ukphy2: <Generic IEEE 802.3u media
interface> on miibus2
Oct 16 18:52:29 ocebe20 /kernel: ukphy2:  10baseT, 10baseT-FDX, 100baseTX,
100baseTX-FDX, auto
Oct 16 18:52:29 ocebe20 /kernel: isa0: <ISA bus> on motherboard
Oct 16 18:52:29 ocebe20 /kernel: ata0 at port 0x1f0-0x1f7,0x3f6 irq 14 on
isa0
Oct 16 18:52:29 ocebe20 /kernel: ata1 at port 0x170-0x177,0x376 irq 15 on
isa0
Oct 16 18:52:29 ocebe20 /kernel: sio0 at port 0x3f8-0x3ff irq 4 flags 0x30
on isa0
Oct 16 18:52:29 ocebe20 /kernel: sio0: type 16550A, console
Oct 16 18:52:29 ocebe20 /kernel: sio1 at port 0x2f8-0x2ff irq 3 on isa0
Oct 16 18:52:29 ocebe20 /kernel: sio1: type 16550A
Oct 16 18:52:29 ocebe20 /kernel: Elan-mmcr driver: MMCR at 0xc598e000
Oct 16 18:52:29 ocebe20 /kernel: IPsec: Initialized Security Association
Processing.
Oct 16 18:52:29 ocebe20 /kernel: IP Filter: v3.4.31 initialized.  Default =
block all, Logging = enabled
Oct 16 18:52:29 ocebe20 /kernel: ad0: 7MB <Hitachi XXM2.2.0> [246/2/32] at
ata0-master BIOSPIO
Oct 16 18:52:29 ocebe20 /kernel: Mounting root from ufs:/dev/md0c
Oct 16 18:52:29 ocebe20 dnsmasq[92]: started, version 1.17 cachesize 150
Oct 16 18:52:29 ocebe20 dnsmasq[92]: reading /etc/hosts - 2 addresses
Oct 16 18:52:29 ocebe20 dhcpd: Internet Software Consortium DHCP Server
V3.0.1rc11
Oct 16 18:52:29 ocebe20 dnsmasq[92]: reading /etc/resolv.conf
Oct 16 18:52:29 ocebe20 dhcpd: Copyright 1995-2003 Internet Software
Consortium.
Oct 16 18:52:29 ocebe20 dnsmasq[92]: using nameserver 10.96.64.22#53
Oct 16 18:52:29 ocebe20 dnsmasq[92]: using nameserver 10.32.20.34#53
Oct 16 18:52:29 ocebe20 dhcpd: All rights reserved.
Oct 16 18:52:29 ocebe20 dhcpd: For info, please visit
http://www.isc.org/products/DHCP
Oct 16 18:52:31 ocebe20 dhclient: DHCPDISCOVER on sis0 to 255.255.255.255
port 67 interval 5
Oct 16 18:52:36 ocebe20 dhclient: DHCPDISCOVER on sis0 to 255.255.255.255
port 67 interval 6
Oct 16 18:52:42 ocebe20 dhclient: DHCPDISCOVER on sis0 to 255.255.255.255
port 67 interval 17
Oct 16 18:52:59 ocebe20 dhclient: DHCPDISCOVER on sis0 to 255.255.255.255
port 67 interval 7
Oct 16 18:52:59 ocebe20 dhclient: DHCPOFFER from 10.32.1.24
Oct 16 18:52:59 ocebe20 dhclient: DHCPREQUEST on sis0 to 255.255.255.255
port 67
Oct 16 18:52:59 ocebe20 dhclient: DHCPACK from 10.32.1.24
Oct 16 18:52:59 ocebe20 dhclient: New Network Number: 10.32.0.0
Oct 16 18:52:59 ocebe20 dhclient: New Broadcast Address: 10.32.1.255
Oct 16 18:52:59 ocebe20 dhclient: New IP Address (sis0): 10.32.1.11
Oct 16 18:52:59 ocebe20 dhclient: New Subnet Mask (sis0): 255.255.254.0
Oct 16 18:52:59 ocebe20 dhclient: New Broadcast Address (sis0): 10.32.1.255
Oct 16 18:52:59 ocebe20 dhclient: New Routers: 10.32.1.30
Oct 16 18:53:03 ocebe20 dhclient: bound to 10.32.1.11 -- renewal in 18654
seconds.
Oct 16 18:56:49 ocebe20 dnsmasq[269]: started, version 1.17 cachesize 150
Oct 16 18:56:49 ocebe20 dnsmasq[269]: reading /etc/hosts - 2 addresses
Oct 16 18:56:49 ocebe20 dnsmasq[269]: reading /etc/resolv.conf
Oct 16 18:56:49 ocebe20 dnsmasq[269]: using nameserver 10.96.64.22#53
Oct 16 18:56:49 ocebe20 dnsmasq[269]: using nameserver 10.32.20.34#53
Oct 16 18:56:50 ocebe20 dhcpd: Internet Software Consortium DHCP Server
V3.0.1rc11
Oct 16 18:56:50 ocebe20 dhcpd: Copyright 1995-2003 Internet Software
Consortium.
Oct 16 18:56:50 ocebe20 dhcpd: All rights reserved.
Oct 16 18:56:50 ocebe20 dhcpd: For info, please visit
http://www.isc.org/products/DHCP
Oct 16 19:02:37 ocebe20 dnsmasq[359]: started, version 1.17 cachesize 150
Oct 16 19:02:37 ocebe20 dnsmasq[359]: reading /etc/hosts - 2 addresses
Oct 16 19:02:37 ocebe20 dnsmasq[359]: reading /etc/resolv.conf
Oct 16 19:02:37 ocebe20 dnsmasq[359]: using nameserver 10.96.64.22#53
Oct 16 19:02:37 ocebe20 dnsmasq[359]: using nameserver 10.32.20.34#53
Oct 16 19:02:39 ocebe20 dhcpd: Internet Software Consortium DHCP Server
V3.0.1rc11
Oct 16 19:02:39 ocebe20 dhcpd: Copyright 1995-2003 Internet Software
Consortium.
Oct 16 19:02:39 ocebe20 dhcpd: All rights reserved.
Oct 16 19:02:39 ocebe20 dhcpd: For info, please visit
http://www.isc.org/products/DHCP
***** last 50 filter log entries *****
Oct 16 19:05:03 ocebe20 ipmon[78]: 19:05:02.327214 sis1 @0:11 B
192.168.1.60,139 -> 10.32.0.191,1095 PR tcp len 20 40 -R IN 
***** ls /conf *****
config.xml
***** ls /var/run *****
dev.db
dhclient.pid
dhcpd.pid
dnsmasq.pid
htpasswd
ipmon.pid
ld-elf.so.hints
log
mini_httpd.pid
msntp.pid
runmsntp.pid
syslog.pid
utmp
watchdogd.pid
***** config.xml *****
<?xml version="1.0"?>
<m0n0wall>
	<version>1.2</version>
	<system>
		<hostname>ocebe20</hostname>
		<domain>brussels.be.oce.net</domain>
		<password>xxx</password>
		<timezone>Europe/Brussels</timezone>
		<timeservers>pool.ntp.org</timeservers>
		<time-update-interval>300</time-update-interval>
		<dnsserver>10.32.20.34</dnsserver>
		<dnsserver>10.96.64.22</dnsserver>
	</system>
	<interfaces>
		<lan>
			<if>sis1</if>
			<ipaddr>192.168.1.1</ipaddr>
			<subnet>24</subnet>
		</lan>
		<wan>
			<if>sis0</if>
			<spoofmac/>
			<mtu/>
			<ipaddr>10.32.1.11</ipaddr>
			<subnet>24</subnet>
			<gateway>10.32.1.30</gateway>
		</wan>
	</interfaces>
	<pppoe/>
	<pptp/>
	<dyndns>
		<type>dyndns</type>
		<username/>
		<password/>
		<host/>
		<mx/>
	</dyndns>
	<dhcpd>
		<lan>
			<enable/>
			<range>
				<from>192.168.1.250</from>
				<to>192.168.1.254</to>
			</range>
		</lan>
	</dhcpd>
	<pptpd>
		<mode/>
		<redir/>
		<localip/>
		<remoteip/>
	</pptpd>
	<diag>
		<ipv6nat>
			<ipaddr/>
		</ipv6nat>
	</diag>
	<nat>
		<onetoone>
			<external>10.32.1.34</external>
			<internal>10.32.20.34</internal>
			<descr>to DNS in DMZ (for static hosts with older
info)</descr>
		</onetoone>
		<advancedoutbound>
			<enable/>
		</advancedoutbound>
	</nat>
	<filter>
		<rule>
			<interface>wan</interface>
			<source>
				<any/>
			</source>
			<destination>
				<any/>
			</destination>
			<descr>Default WAN &gt; Any</descr>
		</rule>
		<rule>
			<interface>wan</interface>
			<protocol>tcp/udp</protocol>
			<source>
				<address>10.32.1.44</address>
			</source>
			<destination>
				<network>lan</network>
			</destination>
			<descr>Allow showroom person to print to
showroom</descr>
		</rule>
		<rule>
			<interface>lan</interface>
			<source>
				<any/>
			</source>
			<destination>
				<any/>
			</destination>
			<descr>Default LAN -&gt; any</descr>
		</rule>
		<rule>
			<interface>lan</interface>
			<protocol>tcp/udp</protocol>
			<source>
				<network>lan</network>
			</source>
			<destination>
				<any/>
				<port>80</port>
			</destination>
			<descr>Http out rule for showroom</descr>
		</rule>
		<rule>
			<interface>lan</interface>
			<protocol>tcp/udp</protocol>
			<source>
				<network>lan</network>
			</source>
			<destination>
				<any/>
				<port>443</port>
			</destination>
			<descr>HTTPS out rule for showroom</descr>
		</rule>
		<rule>
			<interface>lan</interface>
			<protocol>tcp/udp</protocol>
			<source>
				<network>lan</network>
			</source>
			<destination>
				<address>10.32.20.34</address>
				<port>53</port>
			</destination>
			<descr>DNS out rule for showroom</descr>
		</rule>
	</filter>
	<shaper/>
	<ipsec/>
	<dnsmasq>
		<enable/>
	</dnsmasq>
</m0n0wall>
***** kldstat *****
kldstat: not found
***** ngctl list *****
There are 4 total nodes:
  Name: ngctl439        Type: socket          ID: 00000004   Num hooks: 0
  Name: sis2            Type: ether           ID: 00000003   Num hooks: 0
  Name: sis1            Type: ether           ID: 00000002   Num hooks: 0
  Name: sis0            Type: ether           ID: 00000001   Num hooks: 0



-----------------------------------------------
MISSION STATEMENT 
-----------------------------------------------

effectively by offering innovative print and document management products
and services for professional environments.

-----------------------------------------------
DISCLAIMER 
-----------------------------------------------
This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be

-----------------------------------------------