Hi! I want to secure my wlan using IPsec. The simplified setup looks like this:
172.26.153.0/24 .1 public ip
(wlan clients) --- athn0[OpenBSD gateway]pppoe0 ------ ((internet))
IPsec
This works fine so far. But now I want to secure my OpenBSD gateway
which also runs NFS. How can I block NFS packets on the encrypted link
while still allowing ssh, ftp and the like on the encrypted link?
On enc0 I can see only ipencap packets which cannot be filtered by pf.
Christopher
