Re: [m0n0wall] Priority of interfaces (LAN, WAN, OPT1)

From:	Fred Wright <fw at well dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Priority of interfaces (LAN, WAN, OPT1)
Date:	Sun, 12 Sep 2004 14:32:55 -0700 (PDT)

On Sun, 12 Sep 2004, Andrew Greenwood wrote:

> Ok so I have a m0n0wall box with LAN, WAN and OPT1 (wireless) interfaces
> attached.
> 
> Accessing anything on the LAN from the LAN is fine, as it doesn't go thru
> the m0n0wall box.
> 
> Accessing the WAN from the LAN works fine, too.
> 
> However, accessing OPT1 from the LAN fails unless an outbound NAT rule is
> created specifically for it.
> 
> I'm thinking maybe m0n0wall checks WAN first to see if it can access the IP
> over that interface, before attempting OPT1?

It just goes by the routing tables.  In a sense, it "checks the WAN"
*last*, because most routing to WAN (except for an address that happens to
lie within the WAN interface's subnet) is via the default gateway.  OPT1
will autmatically get a routing entry for its subnet, but if you need to
reach other IPs via that interface, you need a static route.

Just do a "netstat -rn" to see what your routing tables look like.

					Fred Wright