How-to have a public IP DMZ with m0n0wall
Suppose you've got this subnet from your ISP:
$ ipcalc 220.127.116.11/26
Given that x.y.z.129 is your router and thus the default gateway for your m0n0wall your WAN configuration will look like this:
So set a WAN IP like this x.y.z.131/26 with x.y.z.129 as default gateway
Done this you need to activate your optional interface
and put it in bridge with WAN.
A big note here: you MUST activate "filtering bridge" from "System: Advanced setup"
Now the 10 cent tip:
Interface: WAN Source: 192.168.10.0/24 (your LAN space) Destination: NOT x.y.z.128/26 (your DMZ subnet) Target: * (any) Description: put your own here...
SAVE your work and Apply Changes as usual
Done! Now you can add your rules from LAN to DMZ and from WAN to DMZ as you want and you can land on your DMZ without and "Internet tour"