News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  Firewall/NAT
linktree Topic: general firewall question
Pages: [1]
Topic: general firewall question  (Read 1604 times)
« on: January 29, 2009, 17:38:15 »
Ebeneezer *
Posts: 2
Hi,

I use version 1.233 and I donĀ“t understand the firewall behavior! On the WAN-interface nothing is configured. On the LAN-interface we have two rules:

1. block,tcp,LAN net,3389,*,3389
2. allow,*,LAN net,*,*,*

Why is it still possible to connect against a remote PC via 3389?
I also do not understand which rules I need to configure on LAN- and which on the WAN-Interface! Yes I am a beginner.

Thanks in advance.

Regards,

Titan
« Reply #1 on: January 29, 2009, 17:55:13 »
ChainSaw
Guest
source port should be any.

CS...
« Reply #2 on: January 29, 2009, 18:02:11 »
Ebeneezer *
Posts: 2
Still does not work! Do I have to restart the system?

Regards,

Titan
« Reply #3 on: January 29, 2009, 19:44:11 »
ChainSaw
Guest
rules apply to the interface the packet enters the firewall.  so if you are trying to block PC on the LAN from connecting to a service on the WAN/Internet, the rule needs to be added to the LAN.  No rules can block two PC on the same LAN from communicating as the packets don't go through the firewall.  Also, if the connection is already up, you will need to reset the state table or reboot the firewall.

CS...
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines