[ previous ] [ next ] [ threads ]
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Mixed up IPs in System Logs|Firewall?
 Date:  Tue, 12 Oct 2004 00:27:37 -0400
On Mon, 11 Oct 2004 20:30:37 +0200, horst dot ritter at mach dot com
<horst dot ritter at mach dot com> wrote:
> I try to reach a server from the outside internet which is located behind a
> m0n0wall for several days now. Despite the fact that all ports are
> permitted on
> the m0n0wall (WAN interface as well as DMZ interface) the server is not
> reachable. 

It's a rule on your DMZ interface that is causing the packets to be dropped.  

> For security reason I have replaced the original public IPs by public IPs.
> Act   Time              If          Source                  Destination
>             Proto
> X     23:33:29.043975   DMZ, port 22,
> port 33622        TCP
> X     23:33:12.215229   DMZ   
>             ICMP
> Has anybody a clue why are the source and destination mixed up in the log?

They aren't mixed up.  It's dropping return packets.  

> BTW: Due to the fact that the m0n0wall is located in russia and I am
> therefore not able to check the cables and settings personally,
> I am feared that probably the cables are not correctly plugged
> (WAN/LAN/DMZ). Might this cause the problem?

If this were the case you probably wouldn't get as far as you do.  Doubt it.

Looks like something in your DMZ rules isn't allowing the return traffic out.