[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Mixed up IPs in System Logs|Firewall?
 Date:  Tue, 12 Oct 2004 00:27:37 -0400
On Mon, 11 Oct 2004 20:30:37 +0200, horst dot ritter at mach dot com
<horst dot ritter at mach dot com> wrote:
> 
> I try to reach a server from the outside internet which is located behind a
> m0n0wall for several days now. Despite the fact that all ports are
> permitted on
> the m0n0wall (WAN interface as well as DMZ interface) the server is not
> reachable. 

It's a rule on your DMZ interface that is causing the packets to be dropped.  


> 
> For security reason I have replaced the original public IPs by public IPs.
> 
> Act   Time              If          Source                  Destination
>             Proto
> X     23:33:29.043975   DMZ         192.168.0.8, port 22    172.17.1.5,
> port 33622        TCP
> X     23:33:12.215229   DMZ         192.168.0.8             172.17.1.5
>             ICMP
> 
> Has anybody a clue why are the source and destination mixed up in the log?
> 

They aren't mixed up.  It's dropping return packets.  


> BTW: Due to the fact that the m0n0wall is located in russia and I am
> therefore not able to check the cables and settings personally,
> I am feared that probably the cables are not correctly plugged
> (WAN/LAN/DMZ). Might this cause the problem?
> 

If this were the case you probably wouldn't get as far as you do.  Doubt it.

Looks like something in your DMZ rules isn't allowing the return traffic out.  

-Chris