Topic: Firewall Configuration  (Read 1908 times)
« on: April 22, 2008, 12:18:23 »
crizz
Posts: 1

Hi,

I recently installed monowall on a PC with 2 NICs used as WAN & LAN. The WAN (10.0.0.1/16) is connected to a DSL modem, a SpeedTouch 706 (10.0.0.138). The LAN's IP is 192.168.1.1/24. DHCP is on. I'm playing around with the firewall and noted that if I do a rule with:
action -> block
interface -> WAN
protocol -> TCP
source -> any
source port range -> any
destination -> any
destination port -> any
log -> checked

From what I can understand, the rule above should block all TCP traffic from the WAN. However, from a PC with IP 192.168.1.199 I can still browse. Could it be something from the modem or firewall config? Please help me, I'm relatively new to monowall.

Thanks
« Reply #1 on: April 22, 2008, 21:04:42 »
Manuel Kasper
Administrator
Posts: 364

I'm playing around with the firewall and noted that if I do a rule with:
action -> block
interface -> WAN
protocol -> TCP
source -> any
source port range -> any
destination -> any
destination port -> any
log -> checked

This is normal behavior. Like most modern firewalls, m0n0wall uses stateful packet filtering, so if a TCP connection is initiated by a PC on your LAN *and* the firewall ruleset on your LAN interface allows the connection, an entry is created in the firewall's state table. Then when reply packets come in on the WAN interface that correspond to that connection, they are permitted regardless of what the WAN ruleset says.

If you tell us what you're actually trying to achieve, we can probably tell you how to do it properly given the stateful filtering.
« Reply #2 on: April 23, 2008, 11:24:18 »
markb
Posts: 331

To add to what Manuel said, the rule you created will block incoming traffic on the WAN interface, not block outgoing requests and their replies. What are you trying to achieve?
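A toy model of the stateful behaviour both replies describe, added here as an illustration and not m0n0wall's own code: per-interface rulesets are consulted only for packets that do not match an existing state, so a reply coming in on WAN to a LAN-initiated connection passes despite the WAN block rule, while blocking the same traffic on the LAN interface works. NAT is left out, and the addresses and port numbers are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrives on: "LAN" or "WAN"
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

# Per-interface rulesets, first match wins; a rule is (action, proto, dst, dport).
RULES = {
    "LAN": [("pass", "TCP", "any", "any")],   # default LAN rule: LAN may go anywhere
    "WAN": [("block", "TCP", "any", "any")],  # crizz's rule: block all TCP on WAN
}
# The right place to stop LAN hosts from browsing is the LAN interface.
RULES_BLOCK_ON_LAN = {"LAN": [("block", "TCP", "any", 80)], "WAN": RULES["WAN"]}

def match_rule(rules, pkt):
    for action, proto, dst, dport in rules:
        if proto in ("any", pkt.proto) and dst in ("any", pkt.dst) \
                and dport in ("any", pkt.dport):
            return action
    return "block"  # implicit default deny when nothing matches

class StatefulFilter:
    def __init__(self, rules):
        self.rules = rules
        self.states = set()  # 5-tuples of connections a rule has allowed

    def process(self, pkt):
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        # The state table is checked before any ruleset: a packet belonging to a
        # known connection (either direction) passes regardless of interface rules.
        if key in self.states or reverse in self.states:
            return "pass (state)"
        action = match_rule(self.rules[pkt.iface], pkt)
        if action == "pass":
            self.states.add(key)  # remember the connection so replies can return
        return action

def demo(rules=RULES):
    fw = StatefulFilter(rules)
    # Constructed traffic: the LAN PC opens a web connection, the server replies on WAN,
    # and an unrelated host on the internet tries to open a connection inbound.
    out = fw.process(Packet("LAN", "TCP", "192.168.1.199", 51000, "203.0.113.10", 80))
    reply = fw.process(Packet("WAN", "TCP", "203.0.113.10", 80, "192.168.1.199", 51000))
    unsolicited = fw.process(Packet("WAN", "TCP", "198.51.100.7", 40000, "192.168.1.199", 22))
    return out, reply, unsolicited
```

With the default rules `demo()` lets the outbound request and its reply through while the unsolicited inbound attempt is blocked; with `RULES_BLOCK_ON_LAN` the browsing attempt never creates a state, so the reply is dropped by the WAN rule too.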