Hello all, I finally got my "new" server online, still have to disable inteldrm to get it to boot though.
Ran into two issues upon initial bootup:

1. DHCPD failed to start, trying to troubleshoot that one.
2. I have a fully working pf.conf file on my current server, copied it over to my new server and made a few corrections since the interfaces are different, but that's about it.

The problem is this: the new router boots up and dhclient goes and gets a lease, and I have an IP address. I can ping external to the box and also can do a wget and download a file, so I know the box is online. My internal network, though, can't see a thing past the external interface, can't ping, or resolve anything. The resolv.conf files look ok (they match the old box files). My thinking is that for some reason, pf doesn't like my current config file. Both boxes are fully patched 6.3 versions. One is 32-bit, the other is 64-bit.

On the new router, re0 is the external interface, re1 is the internal interface. Assuming with DHCPD enabled, it would monitor the internal interface for DHCP requests from my internal machines. If the internal interface was having a problem initializing, would that prevent dhcpd from starting up? I'm wondering if both interfaces can be enabled at the same time. They SHOULD be able to, but with this motherboard, who knows...

I'm posting my pf.conf file; other suggestions that could help me narrow the scope of the problem are appreciated.

    # $OpenBSD: pf.conf,v 1.54 2014/08/23 05:49:42 deraadt Exp $
    #
    # See pf.conf(5) and /etc/examples/pf.conf

    int_if = "re0"
    www_ad = "192.168.1.99"
    icmp_types="echoreq"
    NoRouteIPs = "{127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8}"

    set block-policy return
    set loginterface egress
    set skip on lo

    #Protection
    antispoof quick for { lo $int_if }
    block in quick on egress from $NoRouteIPs to any
    block out quick on egress from any to $NoRouteIPs

    #filter rules and anchor for ftp-proxy
    anchor "ftp-proxy/*"

    #rule needed to redirect ftp connection for ftp-proxy
    pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021

    #match rules
    match out on egress inet from !(egress) to any nat-to (egress:0)

    block in log
    pass out quick

    #next rule passes http-https traffic to the web/email server
    pass in on egress inet proto tcp from any to (egress) port {80 443} rdr-to $www_ad synproxy state

    #traceroute rule (for IPv4)
    pass out on egress inet proto udp to port 33433:33626

    #next rule redirects smtp traffic to the email server
    pass in on egress inet proto tcp from any to (egress) port 25 rdr-to $www_ad

    #pass in certain types of ICMP traffic
    pass in inet proto icmp all icmp-type $icmp_types