Topic: Can't catch traffic with filter (v1.33)
« on: March 26, 2011, 23:56:06 »
m0n0b0b *
Posts: 9

I have WAN and LAN. Some LAN machines open outgoing TCP connections (port 445) which I would like to block.

So, in the LAN interface, I added a first rule, for any source to WAN:445 to block+log. However, I don't see anything logged, and connections are still created. This is frustrating because what I'm trying to do is very simple, but it just doesn't work.

One thing to note is that I have OPT1/2/3 configured to bridge with LAN. Perhaps, that's messing up the firewall?? At least for OPT1/2/3 I see a warning that "Firewall rules for an interface in bridged mode have no effect on packets to hosts other than m0n0wall itself" -- whatever this means... Should LAN still work?

Thanks.
« Reply #1 on: March 27, 2011, 00:24:48 »
Fred Grayson *****
Posts: 994

Probably a wrong filter specification. You are blocking packets destined for the WAN address on port 445, but this is probably not what you really want. Try changing the destination to any address and port 445.

--
Google is your friend and Bob's your uncle.
« Reply #2 on: March 27, 2011, 00:57:01 »
m0n0b0b *
Posts: 9

Embarrassingly, yes, the problem was using "WAN address", which I thought for some reason was any WAN address instead of the assigned "external" WAN address. Works now, thanks!!!!
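
The difference between the two destination settings discussed in this thread, as an added example that is not part of the original posts and is not m0n0wall code: a simplified rule model in Python. The addresses, the `Rule` class, first-match evaluation and the trailing allow-all LAN rule are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addresses from documentation ranges, not taken from the thread.
WAN_ADDRESS = ipaddress.ip_address("203.0.113.10")  # the firewall's own WAN IP
REMOTE_HOST = "198.51.100.25"                       # some host out on the Internet

@dataclass
class Rule:
    action: str               # "block" or "pass"
    dst: str                  # "any" or "WAN address"
    dst_port: Optional[int]   # None means any port
    log: bool = False

def dst_matches(rule, dst_ip):
    """'WAN address' is one host (the firewall's WAN IP), not 'anything on the WAN side'."""
    if rule.dst == "any":
        return True
    if rule.dst == "WAN address":
        return dst_ip == WAN_ADDRESS
    raise ValueError("unknown destination alias: " + rule.dst)

def evaluate(rules, dst_ip, dst_port):
    """Return (action, logged) of the first matching rule; no match is a silent block."""
    dst_ip = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if dst_matches(rule, dst_ip) and rule.dst_port in (None, dst_port):
            return rule.action, rule.log
    return "block", False

ALLOW_LAN_ANY = Rule("pass", "any", None)  # assumed allow-all rule below the new one

# Rule as first posted: destination "WAN address", port 445, block + log.
as_posted = [Rule("block", "WAN address", 445, log=True), ALLOW_LAN_ANY]
# Rule after the suggested change: destination any, port 445, block + log.
as_fixed = [Rule("block", "any", 445, log=True), ALLOW_LAN_ANY]

if __name__ == "__main__":
    for name, rules in (("as posted", as_posted), ("as fixed", as_fixed)):
        print(name, "-> remote:445", evaluate(rules, REMOTE_HOST, 445))
        print(name, "-> WAN IP:445", evaluate(rules, str(WAN_ADDRESS), 445))
```

With the rule as posted, only connections aimed at the firewall's own WAN IP hit the block rule, which is why outbound port 445 traffic to other hosts passed without a log entry.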