 From:  Patrick <patrick at rave dot co dot za>
 To:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Restricting SNMP
 Date:  Fri, 10 Sep 2004 22:03:15 +0200
> 161 UDP is the only SNMP port open, and I believe that is only on the
> LAN interface (I know it's not on WAN, but might be on optional
> interfaces, not sure).
> 
> I tried to put in a rule on my LAN interface for source IP not equal
> to my monitoring system, source port *, destination IP the m0n0 LAN
> IP, dest port 161, UDP, with logging enabled on the rule, but it's not
> dropping SNMP packets as I would expect it to.  It is the first rule
> on the interface.

Are you sure it's not TCP? Those were TCP ports I checked for earlier, I believe,
anyway... Have you tried an allow rule then a separate deny rule? TCP/UDP?

> Might be a protection built into m0n0wall to prevent you from locking
> yourself out of the system (i.e. all traffic from LAN is always
> allowed to LAN IP).  Not a clue on that, would appreciate some input
> from someone "in the know" so I can document it in the users guide.

From what I've seen so far there isn't such a protection built in at the moment,
but I could be wrong ...

P
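The two rule layouts discussed in this thread (a single "source not equal" block rule versus an explicit allow followed by a separate deny), evaluated with first-match semantics against a few constructed packets; this is an added example, not part of the original messages and not m0n0wall's own filter code. The LAN IP, monitoring-host IP and the first-match behaviour are assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "pass" or "block"
    proto: str            # "udp", "tcp" or "any"
    src: Optional[str]    # source IP to compare against, None = any
    src_negate: bool      # True = rule matches when source is NOT src
    dst: Optional[str]    # destination IP, None = any
    dport: Optional[int]  # destination port, None = any


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int


def matches(rule: Rule, pkt: Packet) -> bool:
    """True when every populated field of the rule matches the packet."""
    if rule.proto != "any" and rule.proto != pkt.proto:
        return False
    if rule.src is not None:
        same = pkt.src == rule.src
        # normal rule needs same == True; negated rule needs same == False
        if same == rule.src_negate:
            return False
    if rule.dst is not None and pkt.dst != rule.dst:
        return False
    if rule.dport is not None and pkt.dport != rule.dport:
        return False
    return True


def evaluate(rules: list, pkt: Packet, default: str = "pass") -> str:
    """First-match evaluation (assumed): the first matching rule decides."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return default


FW_LAN = "192.168.1.1"    # constructed: firewall LAN address
MONITOR = "192.168.1.10"  # constructed: the monitoring host
# Layout A (quoted message): one UDP/161 block rule with a negated source.
NEGATED = [Rule("block", "udp", MONITOR, True, FW_LAN, 161),
           Rule("pass", "any", None, False, None, None)]
# Layout B (reply): allow the monitor first, then deny everyone else on 161.
ALLOW_THEN_DENY = [Rule("pass", "udp", MONITOR, False, FW_LAN, 161),
                   Rule("block", "any", None, False, FW_LAN, 161),
                   Rule("pass", "any", None, False, None, None)]
```

Layout A only ever touches UDP, so a TCP probe to port 161 slips past it, while layout B's protocol-agnostic deny catches both.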