I am trying to connect to an SMB share outside of the office. I have confirmed that the share works and others on the Internet can connect to it fine, but connections from within my office do not go through.
I am guessing I have something wrong with the office's pf filters or NATing but I cannot identify the problem -- my pf.conf is fairly simple. All machines on the network can get to other services (http, https, rdp, ssh, ... anything, really) but cannot establish an SMB connection. Nothing of interest shows up in the pf log. pf.conf pasted below. Thank you for your time. Sincerely, william ## macros # interfaces intIf = "fxp0" extIf = "fxp1" # inside machines dvrIp = "192.168.10.7" scannerIp = "192.168.10.20" pc2Ip = "192.168.10.21" pc3Ip = "192.168.10.32" # public IPs natOutIp = "single.public.ip.address" serviceInIp = "d.i.tt.o" # internal services rdpPort = "3389" rdpPort2 = "3390" rdpPort3 = "3391" dvrWebPubPort = 82 dvrServicePort = 6036 ## block list APNIC = '"1.0.0.0/8" "43.0.0.0/8"' RIPE = '"31.0.0.0/8" "109.230.240.0/20"' CHINA = '"121.8.0.0/13"' blockList = "{ " $APNIC $RIPE $CHINA " }" ## options set block-policy return set skip on lo ## filter rules block in log quick on $extIf from $blockList block in log on $extIf pass in quick on $intIf pass out # NATing pass out on $extIf from 192.168.10.0/24 to any nat-to $natOutIp # internal services pass in on $extIf inet proto tcp to $serviceInIp port $dvrWebPubPort rdr-to $dvrIp port 80 pass in on $extIf inet proto tcp to $serviceInIp port $dvrServicePort rdr-to $dvrIp pass in on $extIf inet proto tcp to $serviceInIp port $rdpPort rdr-to $scannerIp port $rdpPort keep state pass in on $extIf inet proto tcp to $serviceInIp port $rdpPort2 rdr-to $pc2Ip port $rdpPort keep state pass in on $extIf inet proto tcp to $serviceInIp port $rdpPort3 rdr-to $pc3Ip port $rdpPort keep state # ssh pass in on $extIf inet proto tcp to $serviceInIp port ssh