On 10/8/2004, "Rob" <[EMAIL PROTECTED]> wrote: >> The ip of the DMZ iface is : fxp0 a.b.c.1 255.255.255.0 > >You have no rules referring to this interface! Try changing your "out on >fpx1" to "in quick on fxp0". >
Yes, but firewall is in default to accept ... no .. ? Anyway, here is the begenning of the file now : pass out on fxp1 proto tcp from any to any keep state pass out on fxp1 proto udp from any to any keep state pass out on fxp1 proto icmp from any to any keep state pass out on fxp0 proto tcp from any to any keep state pass out on fxp0 proto udp from any to any keep state pass out on fxp0 proto icmp from any to any keep state pass in on fxp0 proto tcp from any to any keep state pass in on fxp0 proto udp from any to any keep state pass in on fxp0 proto icmp from any to any keep state It seems better, on the servers in the DMZ, but my ipmon is still crying : 10/08/2004 17:09:52.714017 fxp1 @0:431 b 207.155.252.40,25 -> e.f.g.2,1229 PR tcp len 20 141 -AP IN 10/08/2004 17:09:56.075882 fxp1 @0:431 b 207.155.252.40,25 -> e.f.g.2,1229 PR tcp len 20 141 -AP IN 10/08/2004 17:10:02.826617 fxp1 @0:431 b 207.155.252.40,25 -> e.f.g.2,1229 PR tcp len 20 141 -AP IN 10/08/2004 17:10:06.726784 fxp1 @0:431 b 64.12.138.120,25 -> e.f.g.2,2318 PR tcp len 20 519 -AP IN 10/08/2004 17:10:10.224945 fxp1 @0:431 b 62.160.237.1,25 -> e.f.g.2,2769 PR tcp len 20 104 -A IN 10/08/2004 17:10:16.326647 fxp1 @0:431 b 207.155.252.40,25 -> e.f.g.2,1229 PR tcp len 20 141 -AP IN -- fz
