Re: OpenBSD on home router - error requesting several URLs

2009-01-04 Thread Zbigniew Sobczyński

Hello,

I don't really know what is the solution - but I can give a few clues
- that might help.

First of all - why do you have so many network interfaces running at
the same time..? They complicate things unnecessarily.. You should
set up something like:
- 1 for WAN
- 1 for LAN (wired - connected to hardware switch)
- 1 for Air Communications (Wi-Fi)

The fact that mentioned URLs open at your box (via links or
something similar) means absolutely nothing..

And one more thing - you should set up your pf from scratch - with help
of google and guys over here..

--
Good Night,
macosxgeek
http://zapytaj-gugla.com.pl

Sent from an iPhone

On 2009-01-04, at 23:23, Sergey Khentov sergey.khen...@gmail.com wrote:


Hello there,

I have very little experience in OpenBSD and network configuration /
troubleshooting, so any advice / keyword to google / etc is welcome.

Description:

I have installed and configured OpenBSD 4.4-release to be used as a
gateway to Internet (via ADSL modem).

ser...@gate:~  uname -a

OpenBSD gate.home.net 4.4 GENERIC#1021 i386

At the moment most of configuration work has been done: I can browse
Internet from my home network. But some sites are not accessible: when I
try to open a URL my browser thinks a lot of time (about 30 minutes -
after that I have stopped URL loading) and does not show anything at
all! But when I try to open the same URL with lynx on OpenBSD - it opens
without any errors / delays / etc. The one example of the web-site -
battle.net. The other example - youtube.com. I have tried to open those
from Desktop PC with Windows XP and from Nokia N810, and the result is
the same, so I think it is OpenBSD-configuration error. Moreover,
traceroute from home network to e.g. battle.net reaches some Internet
servers. I have tried to search google and have asked this question on
one of *NIX-related forums and haven't gotten any solution to my problem.
Well, maybe you have any ideas?

Here comes OpenBSD configuration:

PC has 4 network cards: ath0 (this is also a wireless access-point),
rl0, rl1, rl2. rl0 is connected to home network, rl1 looks into local
area network (there are some common resources), rl2 is connected to
ADSL-modem (bridge mode).

ser...@gate:~  ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33204
 groups: lo
 inet 127.0.0.1 netmask 0xff00
 inet6 ::1 prefixlen 128
 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
ath0: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
 lladdr 00:1e:58:ad:74:d3
 groups: wlan
 media: IEEE802.11 autoselect hostap
 status: active
 ieee80211: nwid homenet chan 1 bssid 00:1e:58:ad:74:d3 nwkey <not displayed>
 inet 192.168.2.254 netmask 0xff00 broadcast 192.168.2.255
 inet6 fe80::21e:58ff:fead:74d3%ath0 prefixlen 64 scopeid 0x1
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
 lladdr 00:e0:4c:e9:c5:dc
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet 192.168.1.254 netmask 0xff00 broadcast 192.168.1.255
 inet6 fe80::2e0:4cff:fee9:c5dc%rl0 prefixlen 64 scopeid 0x2
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
 lladdr 00:11:6b:3f:16:02
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet6 fe80::211:6bff:fe3f:1602%rl1 prefixlen 64 scopeid 0x3
 inet 10.0.55.43 netmask 0xff00 broadcast 10.0.55.255
rl2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1400
 lladdr 00:11:6b:96:70:48
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 inet6 fe80::211:6bff:fe96:7048%rl2 prefixlen 64 scopeid 0x4
enc0: flags=0<> mtu 1536
pppoe0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1392
 dev: rl2 state: session
 sid: 0x2d27 PADI retries: 5 PADR retries: 0 time: 09:20:19
 sppp: phase network authproto pap
 groups: pppoe egress
 inet6 fe80::21e:58ff:fead:74d3%pppoe0 -> prefixlen 64 scopeid 0x7
 inet 78.37.41.134 --> 78.36.32.1 netmask 0x
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33204
 groups: pflog

ser...@gate:~  cat /etc/pf.conf
# comments were stripped :)
cl_if=rl1
adsl_if=pppoe0
int_if=rl0
wifi_if=ath0

nets_priv = "{ 127.0.0.0/8 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 }"

set block-policy drop
set loginterface $adsl_if

# scrub in all

nat on $cl_if from $int_if:network to 10.0.11.0/24 -> ($cl_if)
nat on $cl_if from $wifi_if:network to 10.0.11.0/24 -> ($cl_if)
nat on $adsl_if from $int_if:network to any -> ($adsl_if)
nat on $adsl_if from $wifi_if:network to any -> ($adsl_if)

ser...@gate:~  route show -inet
Routing tables

Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 0.0.0.1 UGS 5 169770 - 48 pppoe0
10.0.1/24 core.drevlanka.ru UGS 0 5799 - 48 rl1
10.0.10/24 core.drevlanka.ru UGS 0 4 - 48 rl1
10.0.11/24 core.drevlanka.ru UGS 0 8951 - 48 rl1
10.0.55/24 link#3 UC 1 0 - 48 rl1
cerber.drevlanka.r localhost UGHS 0 0 33204 48 lo0
core.drevlanka.ru 00:13:21:c6:15:c7 UHLc 4 230 - 48 rl1
ip78-36-32-1.onego ip78-37-41-134.one UH 0 0 - 48 pppoe0
loopback localhost UGRS 0 0 33204 48 lo0

Default Apache chroot problem.

2008-10-19 Thread Zbigniew Sobczyński

Hi,

I'm running OpenBSD 4.3 (GENERIC) with standard httpd Apache/1.3.29
(Unix).
I need to use on my machines phpsysinfo script as necessary
information table that may be accessed remotely.
So I made a directory in Apache document root /phpsysinfo and I gave
necessary rights to it. And it works. PHP is installed and run
within Apache - so it works.

But. There is a problem. It works only when I un-chroot httpd. I need
to add this flag: httpd_flags=-u for httpd in /etc/rc.local.conf to
make it work properly.
Unfortunately :) PHP script is generating the SYSCALL functions or
something (sorry, I am not a PHP programmer) to root FS system
libraries. Especially devices state logs (dmesg).
Additionally it's querying the standard shell applications such as
uname or who.

Is there any normal way to run it with un-chrooting the Apache?
Any kind of help will be appreciated :)



Best Regards,
Zbigniew Sobczyński
[EMAIL PROTECTED]
GG: 1334213
JabberID: zetbee
Skype: zetbeee