I have a firewall that has been running several versions of OpenBSD
successfully, the last being 4.6. After installing 4.7, I could not get
the firewall to pass any traffic from the lan side. We have been having
thunderstorms lately and I thought may be something was wrong with the
nics so I changed the MB our for something similar, another c7
motherboard with 2 nics. I had the same problem, I can ping outside the
network as well as the lan computers from the firewall. Tcpdump shows
the lan traffic hitting the lan side, but no response back to the lan
computers, lan traffic never gets to wan side nic. I put in a very
minimal pf.conf and it still works the same. I'm at a loss what is
wrong. pf.conf and dmess follows. Any ideas would be greatly
appreciated.
Peter
Motherboard #1 Jetway 7f4k1G5D-LF 1.5ghz
Motherboard #2 Jetway J7F4 1.2 Ghz
# sysctl net.inet.ip.forwarding
net.inet.ip.forwarding=1
# cat pf.min
ext_if = "re0"
int_if = "re1"
match out log on egress from (self) to any tag
EGRESS nat-to ($ext_if:0) port 1024:65535
#pass all
pass out log on $ext_if all
pass out log on $int_if all
pass in log on $ext_if all
pass in log on $int_if all
# dmesg
OpenBSD 4.7 (GENERIC) #558: Wed Mar 17 20:46:15 MDT 2010
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: VIA Eden Processor 1200MHz ("CentaurHauls" 686-class) 1.21 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MM
X,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2,xTPR
real mem = 1005023232 (958MB)
avail mem = 965070848 (920MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 11/25/08, BIOS32 rev. 0 @ 0xfa340,
SMBIOS rev. 2.3 @ 0xf0000 (33 entries)
bios0: vendor Phoenix Technologies, LTD version "6.00 PG" date
11/25/2008
apm0 at bios0: Power Management spec V1.2 (slowidle)
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf0000/0xc7f4
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc720/208 (11 entries)
pcibios0: bad IRQ table checksum
pcibios0: PCI BIOS has 11 Interrupt Routing table entries
pcibios0: PCI Exclusive IRQs: 5 10 11 15
pcibios0: PCI Interrupt Router at 000:17:0 ("VIA VT8237 ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0x10000
cpu0 at mainbus0: (uniprocessor)
cpu0: RNG AES AES-CTR SHA1 SHA256 RSA
cpu0: unknown Enhanced SpeedStep CPU, msr 0x04090c0a04000c0a
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 1201 MHz: speeds: 1600, 533 MHz
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "VIA CN700 Host" rev 0x00
viaagp0 at pchb0: v3
agp0 at viaagp0: aperture at 0xf8000000, size 0xe800000
pchb1 at pci0 dev 0 function 1 "VIA CN700 Host" rev 0x00
pchb2 at pci0 dev 0 function 2 "VIA CN700 Host" rev 0x00
pchb3 at pci0 dev 0 function 3 "VIA PT890 Host" rev 0x00
pchb4 at pci0 dev 0 function 4 "VIA CN700 Host" rev 0x00
pchb5 at pci0 dev 0 function 7 "VIA CN700 Host" rev 0x00
ppb0 at pci0 dev 1 function 0 "VIA VT8377 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "VIA S3 Unichrome PRO IGP" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
re0 at pci0 dev 9 function 0 "Realtek 8169SC" rev 0x10: RTL8169/8110SCd
(0x1800), irq 10, address 00:30:18:ad:ed:96
rgephy0 at re0 phy 7: RTL8169S/8110S PHY, rev. 2
re1 at pci0 dev 11 function 0 "Realtek 8169SC" rev 0x10: RTL8169/8110SCd
(0x1800), irq 11, address 00:30:18:ad:ed:97
rgephy1 at re1 phy 7: RTL8169S/8110S PHY, rev. 2
pciide0 at pci0 dev 15 function 0 "VIA VT6420 SATA" rev 0x80: DMA
pciide0: using irq 15 for native-PCI interrupt
wd0 at pciide0 channel 0 drive 0: <ST380815AS>
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6
uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: irq 5
uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: irq 5
uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: irq 15
uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: irq 15
ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: irq 10
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "VIA EHCI root hub" rev 2.00/1.00 addr 1
viapm0 at pci0 dev 17 function 0 "VIA VT8237 ISA" rev 0x00
iic0 at viapm0
spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-4200CL3
auvia0 at pci0 dev 17 function 5 "VIA VT8233 AC97" rev 0x60: irq 10
ac97: codec id 0x414c4760 (Avance Logic ALC655 rev 0)
audio0 at auvia0
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 "VIA UHCI root hub" rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 "VIA UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 "VIA UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci3: USB revision 1.0
uhub4 at usb4 "VIA UHCI root hub" rev 1.00/1.00 addr 1
isa0 at mainbus0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
fins0 at isa0 port 0x4e/2
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
biomask e7fd netmask effd ttymask ffff
mtrr: Pentium Pro MTRR support
vscsi0 at root
scsibus0 at vscsi0: 256 targets
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
#
