Shoulda been tipped off when I said I completely disabled the firewall then,
;o)
hehe, sorry for the assumption.
I figured you were making a random pot shot considering the response I got.
mea culpa.
From: "Bill Marquette" <[EMAIL PROTECTED]>
Reply-To: [email protected]
To: [email protected]
Subject: Re: [pfSense Support] Can't get basic routing to work.
Date: Fri, 4 Aug 2006 23:45:22 -0500
On 8/4/06, A. Jones <[EMAIL PROTECTED]> wrote:
When you send (initiate) a packet out on port abc, and it is allowed
through, the firewall opens up a "hole" (which is stored in the state
table)
that allows a response from the IP the packet was sent to on the return
port
specified in the packet.
You use inbound rules (WAN->LAN) when you want to allow sessions to be
initiated from the internet/untrusted interface.
As long as the default "allow all" outbound rule is in place, you can do
things like ping and browse the web with no problem from the LAN side.
Considering I'm one of the developers, I certainly hope I understand
the concepts of a stateful inspection firewall. :) The only example I
saw of what was broken was an outside in traceroute. I think it's
fair for me to assume that you may not have had rules allowing it into
your network.
But when I turn off NAT, the packets originate from my LAN subnet and the
packets go for a wild ride into nothingness....
AIYA!!!!
Hopefully, I'll have this fixed by tomorrow morning....
Thanks for everyone's help!!!
It was much appreciated!!!
Glad to hear it was upstream.
--Bill
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Dont just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
