> 161 UDP is the only SNMP port open, and I believe that is only on the
> LAN interface (I know it's not on WAN, but might be on optional
> interfaces, not sure).
> I tried to put in a rule on my LAN interface for source IP not equal
> to my monitoring system, source port *, destination IP the m0n0 LAN
> IP, dest port 161, UDP, with logging enabled on the rule, but it's not
> dropping SNMP packets as I would expect it to. It is the first rule
> on the interface.
Are you sure its not TCP ? Those were TCP ports i checked for earlier i belive
anyway... have you tried allow rule then a seperate deny rule ? TCP/UDP ?
> Might be a protection built into m0n0wall to prevent you from locking
> yourself out of the system (i.e. all traffic from LAN is always
> allowed to LAN IP). Not a clue on that, would appreciate some input
> from someone "in the know" so I can document it in the users guide.
From what ive seen so far there isnt such a protection built in at the moment
but i could be wrong ...