News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  General Questions
linktree Topic: outgoing traffic-logging for creation of new rules
Pages: [1]
Topic: outgoing traffic-logging for creation of new rules  (Read 2103 times)
« on: July 02, 2008, 08:10:25 »
john99 *
Posts: 44
Hello,

We intend to install m0n0wall on an ALIX board. But we do not yet know what (outgoing) ports we need to open...
I heard that in such cases one possibility is to log all traffic, and to use this logs for the creation of the fw rules.


Questions:
1.
Is it possible to have all outgoing traffic and the according port number listed?

2.
Is this a good approach?


Thank's a lot for any feedback!

John
« Reply #1 on: July 02, 2008, 15:51:10 »
markb ****
Posts: 331
Personally I would look at it the other way.  Open up the ports you know that you are going to need, such as http, https, ftp, dns, ntp & smtp then block all else.  You can log what is blocked and wait for someone to complain about what they can't get to and find the corresponding block log to identify the port required.
« Reply #2 on: July 25, 2008, 09:09:27 »
john99 *
Posts: 44
Thank's a lot for the feedback. Your suggestion does make sense to me. But does m0n0wall log the portnumber of the outgoing traffic request?

Or are there better approaches to find out what port the application in question would like to use?


Thank's a lot for your help!

John
« Reply #3 on: July 25, 2008, 11:48:49 »
markb ****
Posts: 331
When you create the rules, there is a check box at the bottom that you can check to log the traffic processed by that rule.
« Reply #4 on: July 27, 2008, 13:45:22 »
Uluen **
Posts: 59
Default setting in Diagnostics->Logs->Settings is "Log packets blocked by the default rule" so with a default install you can just check the logs from time to time.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines