General Questions

I have tried to make it to ports 137-139 TCP/UDP are blocked when someone on my internal network tries to contact my machines IP with those ports. I have been unsucessful even though the rules look perfect. I did a test with blocking ICMP and while I can get it to fail to ping google from another ip, I cannot prevent it pinging my real machine, even with a rule that says any ICMP on lan net to lan net is blocked. No effect.

What am I doing wrong?

If all of the machines are on the same network, then m0n0wall is not involved with any communications between those machines. All the traffic is handled by your switch - it never reaches m0n0wall.

Well the developers might want to include a check for that because it let me make lan to lan rules and appeared as if I had control over internal communication when in fact those rules were totally useless. Unless there is some other reason to make lan to lan rules I am unaware of?

I have a hard time visualizing any product being encumbered to the degree required to flag every possible misconfiguration, as some fundamental understanding of networking is expected of the user. But that's just my opinion.

Feel free to make any suggestions in the Feature Requests area of the Forum.

[rock solid]

Well the developers might want to include a check for that because it let me make lan to lan rules and appeared as if I had control over internal communication when in fact those rules were totally useless. Unless there is some other reason to make lan to lan rules I am unaware of?

m0n0wall is a rock solid networking solution.
I have been using it for years with no problems at all.