Firewall/NAT

Hi there,

I've got a problem with the firewall rules of m0n0wall. I configured a network with 2 subnets(A and B) on the LAN interface and a network with 1 subnet (C) on the OPT1 Interface. A and B are behind a router and C is directly connected to OPT1.
Although I configured a Firewall Rule (PROT any, source any, dest any) on each Interface, the Firewall still blocks ICMP echos from subet A or B.

Is this because of the default rule or what...

Did you put in static routes for A and B?

Yes I did. There are routes for A and for B. I forgot to say... there is another subnet between the router and the monowall (D). So the configuration looks like this

A
         Router ---   D ----  monoWall --- C
B

I can ping every address from subnet C. I also can ping C from D. But as soon as I want to ping out of A or B to C the monowall blocks it (every traffic). As I said, there is only one Firewall rule left on each interface (any, any, any).
Perhaps there is a possiblitiy to disable the Firewall?

on the Advanced page, there's a check box for not filtering on traffic on the same interface, check that.

on the Advanced page, there's a check box for not filtering on traffic on the same interface, check that.

... is checked -> no effect

my traffic is blocked by the default rule. if i unckeck in "logs-> Settings -> log blocks by default rule " there is no entry in the firewall log.

The m0n0wall blocks pings to itself and to subnet C, but only if i ping out of A and B

is there a possibility to disable the default rule or does somebody know some kind of workaround.

it works...

My configuration seemed to be right. I put an older version of m0n0wall on the WRAP  (V1.11) and now it works with the same configuration.


But I can't explain why...

What version didn't work?