I am on 1.2.3-RC3 built on Mon Sep 14 02:04:35 UTC 2009. I have a DMZ, WAN, and LAN on this box. I have been getting bleed-through from the DMZ to the LAN and vice versa.
I have a WAN rule, all stars except destination is DMZ net. I have two DMZ rules; they are both applied to source DMZ net: one blocks an alias I have defined called internal_subnets, and one allows anything except things destined for internal_subnets. I also had a rule on the LAN that blocks anything destined for 10.1.1.0/24 (my DMZ subnet); it did not work until I changed it to block DMZ net. Is this a bug where the subnets are not being recognized in the firewall interface?

A curious thing is that I now cannot ping 10.1.1.4 from a computer plugged into the LAN, but I can ping it from the diagnostics ping interface if I source the ping from the LAN interface.

Paul Borowicz
BehaviorCorp Network Administrator
(317) 587-0521
[email protected]
