[ previous ] [ next ] [ threads ]
 From:  Horst dot Ritter at mach dot com
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Mixed up IPs in System Logs|Firewall?
 Date:  Mon, 11 Oct 2004 20:30:37 +0200

I try to reach a server from the outside internet which is located behind a
m0n0wall for several days now. Despite the fact that all ports are
permitted on
the m0n0wall (WAN interface as well as DMZ interface) the server is not
reachable. Neither by SSH nor by ping. During the debugging with the log
I faced a further odd behavior of the m0n0wall. Both attempts, SSH and
ping, are initated from but in the log there are quoted in the
column. Therefore, I am confused if the problem could be caused by the
FW-routine in the m0n0wall or if I am missunderstanding the log.

For security reason I have replaced the original public IPs by public IPs.

Act   Time              If          Source                  Destination
X     23:33:29.043975   DMZ, port 22,
port 33622        TCP
X     23:33:12.215229   DMZ   

Has anybody a clue why are the source and destination mixed up in the log?

BTW: Due to the fact that the m0n0wall is located in russia and I am
therefore not able to check the cables and settings personally,
I am feared that probably the cables are not correctly plugged
(WAN/LAN/DMZ). Might this cause the problem?

I would appreciate every hint or clarification.

Best regards,