-----Original Message-----
> From: Remco [mailto:[email protected]]
> Sent: January-12-10 3:16 AM
> To: [email protected]; Sampson, Warren; [email protected]
> Subject: Re: Update pf with new private IP segment added behind
internal router
>
>>
>> I've used the following command on the OBSD machine:
>> route add -inet 172.16.0.0/24 192.168.1.254
>>
>
> I don't expect this to be necessary if your default gateway is
> 192.168.1.254.
My default gateway is an outside IP on another NIC
>> pass in on $int_if from $int_if:network to any keep state
>> pass out on $int_if from any to $int_if:network keep state
>>
>> I'm guessing int_if is picking up the 192.168.1.0 address but not the
>> 172.16.0.0 piece that I have added a route for manually.
>>
>
> '$int_if:network' translates to the subnet 'int_if' is connected to.
(my
> guess is 192.168.1.0/24) You should be able to see that using 'pfctl
-sr'.
>
> If I consider both 192.168.1.0/24 and 172.16.0.0/24 part of your LAN,
maybe
> replacing:
> pass in on $int_if from $int_if:network to any keep state
> pass out on $int_if from any to $int_if:network keep state
>
> with something like:
> lan_net = "{ 192.168.1.0/24, 172.16.0.0/24 }"
>
> pass in on $int_if from $lan_net to any keep state
> pass out on $int_if from any to $lan_net keep state
>
> will help.
That indeed was the ticket. I adjusted as you suggested and everything
is working fine.
Thanks for your help.
Warren
_______________________________________________
Openbsd-newbies mailing list
[email protected]
http://mailman.theapt.org/listinfo/openbsd-newbies
