Hi all,
I have a very simple setup. One soekris that is acting as firewall
and router between two private networks. The rules are quite simple,
and are supposed to only let the traffic for a few ports to pass from
the DMZ to the App Zones and vice-versa.
I don't understand what I am doing
Jaime Vargas wrote:
pass out log all
You probably want keep state on the pass out rule. The SYN/ACK reply
from $app_net isn't being allowed in this ruleset. You can see that in
your tcpdump capture below:
02:08:14.260021 rule 0/0(match): block in on sis1: 192.168.100.52.51011
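
The stateless and stateful forms of the rule discussed in the reply above, as an added pf.conf fragment that is not part of the original thread. The interface roles, the macro values and the port are assumptions, since the poster's full ruleset is not shown here.

```pf
# Constructed pf.conf fragment (not the poster's ruleset).
# Macro values below are assumptions chosen for illustration.
dmz_if  = "sis0"                # hypothetical DMZ-side interface
app_if  = "sis1"                # interface named in the tcpdump line
dmz_net = "192.168.200.0/24"    # hypothetical
app_net = "192.168.100.0/24"    # assumed from the address in the capture

# Rule 0: default deny for inbound traffic, logged to pflog.
block in log all

# Stateless form, as quoted in the thread. The outbound packet is passed,
# but no state entry is created, so the returning packet is evaluated
# against the ruleset on its own and falls through to "block in".
#pass out log all

# Stateful form. The first packet of a connection creates a state entry;
# return packets that match the entry are passed without consulting the
# ruleset, so no separate rule for replies is required.
pass out log all keep state

# The connection must also be admitted where it enters the firewall.
# Port 8080 is a placeholder for one of the permitted service ports.
pass in log on $dmz_if proto tcp from $dmz_net to $app_net port 8080 \
    flags S/SA keep state
```

`pfctl -nf /etc/pf.conf` parses the file without loading it, and `pfctl -ss` lists the state entries once traffic flows. On OpenBSD 4.1 and later, `keep state` and `flags S/SA` are the defaults for pass rules, so the explicit keywords matter on older releases such as those current when this thread was written.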
On Tue, Jun 21, 2005 at 09:16:16PM -0400, Jaime Vargas wrote:
Hi all,
I have a very simple setup. One soekris that is acting as firewall
and router between two private networks. The rules are quite simple,
and are supposed to only let the traffic for a few ports to pass from
the DMZ to the