Happy New Year everyone.

I have installed OpenBSD-7.8 in a Proxmox VM to run some tests.
I have been struggling for hours to get SSH (and other services) access into the
VM working, but no dice.

What could I be missing? Importantly, I need SSH access to work.
Strangely, I even tried 'pfctl -d' and even that still does not let me
connect to the VM via SSH, much as I can ping its IP address.
I have several VMs and LXCs on my Proxmox and all are easily accessible.
The OpenBSD has frustrated me badly :(
Since this VM is technically inaccessible from outside, I don't even need
the internal firewall in the first place, but it's good if it works.

Here is my pf.conf:

# Skip localhost
set skip on lo

# Define the network interface
intif = "vio0"   # replace with your VM's NIC if different

# Optional: define your trusted LAN
lan = "192.168.69.0/24"

# -----------------------------------
# Allow SSH (admin access)
# -----------------------------------
pass in on $intif proto tcp to port 22 keep state

# -----------------------------------
# Allow Mail Server traffic
# -----------------------------------
# SMTP (incoming)
pass in on $intif proto tcp to port 25 keep state
# Submission (sending from mail clients)
pass in on $intif proto tcp to port 587 keep state
# SMTPS (secure SMTP)
pass in on $intif proto tcp to port 465 keep state

# IMAP / IMAPS
pass in on $intif proto tcp to port 143 keep state
pass in on $intif proto tcp to port 993 keep state

# POP3 / POP3S
pass in on $intif proto tcp to port 110 keep state
pass in on $intif proto tcp to port 995 keep state

# -----------------------------------
# Allow Webmail (HTTP / HTTPS)
# -----------------------------------
pass in on $intif proto tcp to port 80 keep state
pass in on $intif proto tcp to port 443 keep state

# -----------------------------------
# Outbound traffic (updates, mail relay)
# -----------------------------------
pass out all keep state

# -----------------------------------
# Block everything else (default deny)
# Log blocked packets for debugging
# -----------------------------------
block in log all
block out log all


-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
 In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions:
http://www.catb.org/~esr/faqs/smart-questions.html]
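
Added example, not part of the original message: a simplified Python model of how pf evaluates filter rules (the last matching rule wins unless a rule is marked quick), applied to the SSH and default rules from the pf.conf above. The parser, the function names and the reordered variant are assumptions made for illustration; the model looks only at direction and destination port.

```python
# Simplified model of pf filter-rule evaluation (a sketch, not pf itself):
# rules are checked top to bottom, the LAST matching rule decides, and a
# matching rule marked "quick" stops evaluation immediately.
import re

RULE = re.compile(r"^(?P<action>pass|block)\s+(?P<dir>in|out)\b(?P<rest>.*)$")

def parse(ruleset):
    """Turn pass/block lines into dicts; comments, macros and 'set' are skipped."""
    rules = []
    for line in ruleset.splitlines():
        line = line.split("#", 1)[0].strip()
        m = RULE.match(line)
        if not m:
            continue
        port = re.search(r"\bport\s+(\d+)", m["rest"])
        rules.append({
            "action": m["action"], "dir": m["dir"],
            "quick": bool(re.search(r"\bquick\b", m["rest"])),
            "port": int(port.group(1)) if port else None,  # None = any port
            "text": line,
        })
    return rules

def verdict(rules, direction, dport):
    """Return (action, rule text) for a TCP packet; pf's implicit default is pass."""
    result = ("pass", "(implicit default)")
    for r in rules:
        if r["dir"] != direction or r["port"] not in (None, dport):
            continue
        result = (r["action"], r["text"])
        if r["quick"]:
            break
    return result

# Constructed input: the filter rules from the post, cut down to SSH and the defaults.
POSTED = """
pass in on $intif proto tcp to port 22 keep state
pass out all keep state
block in log all
block out log all
"""
# Same rules with the default deny moved to the top (an assumed, conventional layout).
REORDERED = "\n".join(POSTED.strip().splitlines()[2:] + POSTED.strip().splitlines()[:2])

if __name__ == "__main__":
    for name, text in (("posted", POSTED), ("reordered", REORDERED)):
        print(name, verdict(parse(text), "in", 22))
```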
