hi buggs,
Astaro stops everything by default, which is intended vs having to read documentation and/or remove configuration in order to close holes opened at the factory by a "default" policy. Since our policy is to log and drop everything, this is expected here.
if you'd like a global outgoing allow policy so you dont have to open "outgoing" ports, just do
source: internal network destination:any service: any action: allow in the packetfilter and place it at the top.
Anytime you see the rule number 60,000+ its the default rule doing the drop (meaning the traffic has passed through every rule on the table and ended up not being matched, so it falls under the default behaviour). This default rule is not visible on the rules list.
__________________
Angelo Comazzetto
Astaro AG
--------------------------------------------------------
Visit the KB for documentation and help ( www.astaro.com/kb)
Astaro is FULLY free for home use, including all subscriptions. Download it from http://my.astaro.com
|