Greetings everyone! This question has to do with PF and DNS from my internal network to my ISP.
Here is what I have done:

- Set /etc/sysctl.conf net.inet.ip.forwarding=1
- Set /etc/rc.conf pf=YES
- Used the pf.conf file from the FAQ (http://www.openbsd.org/faq/pf/example1.html), except my "internal" is xl0 and my external is rl0. rl0 gets its IP dynamically.

My network looks exactly like the one in the FAQ (http://www.openbsd.org/faq/pf/example1.html).

I can ping www.google.com from the firewall. But I cannot ping www.google.com from any computers on the internal network.

First, does the pf.conf in the FAQ route DNS requests from the internal network?

Second, if not, would someone suggest a rule to accomplish that, so that DNS can be handled by my ISP?

I've tried a couple of rdr/pass combinations. But no luck. Hell, I'm not even sure any rdr/pass combinations are required... doesn't seem like it.

Thanks and take care,
Allen