I'm new to firewalls and learning a lot and very quickly, but I've run into a problem where I don't really know what's happening, so I can't Google or search this forum for an answer.
Basically, Astaro V7 is on my home network -- WAN interface is eth0 going to my cable modem, LAN interface is eth1 going to my wifi and whatnot. I have Masquerading set up from LAN to WAN; I have all packets from LAN to WAN allowed in Packet Filtering. I have the HTTP Proxy on(standard), with an exception for Internal to WAN to bypass all filters.
Most sites work fine, like this one. But I can't log into Netflix, for instance. I hit their homepage, netflix.com, go to the Member Sign-in, and all that opens. Enter my user/pass, hit Continue, and it just stops. My Astaro log has this:
2007:06:29-07:37:51 (none) ulogd[2463]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth1" outitf="eth0" dstmac="00:02:b3:b3[:D]c:e2" srcmac="00:90:96:bf:1a:29" srcip="192.168.1.150" dstip="208.75.76.17" proto="6" length="48" tos="0x00" prec="0x00" ttl="127" srcport="1966" dstport="443" tcpflags="SYN"
AND
07:38:25 Default DROP ICMP
192.168.1.150
→
208.75.76.17
len=60 ttl=127 tos=0x00 srcmac=00:90:96:bf:1a:29 dstmac=00:02:b3:b3[:D]c:e2
That destination IP is netflix.com. I get a similar message when my Firefox toolbars try to update. I tried switching the proxy to transparent and allowing port 443, but either I entered the port wrong in the Packet Filtering, or it didn't work.
What I want is for all outgoing traffic to be allowed for internet traffic. I need to open ports for newgroups and bittorrent later, but for right now, anything website related, I want that open and free if the request starts from the internal network.
HELP! THANKS!
This thread was automatically locked due to age.
