Ok, I'm new to OpenBSD and pf, but I'm quickly getting the hang of it.
Here's my setup:
AMD 2300 w/ 512mb DDR ram
512mb flash drive
5 10/100 network cards
I have 4 networks right now, one of them is the internet. So let's call them Inet, A, B, and C.
Network C is the network with all mail/web/dns/etc servers on it.
A and B are networks, I could really care less what traffic goes to them, and from them, going to/from the internet and each other.
I want networks A and B to be able to only access the mail servers on ports 25/110/80/443, dns servers on port 53, webservers on ports 80/443, and a couple of other servers via ftp.
Should be very simple, I set up some rules to allow all traffic from Inet going to A and B. I then allowed all traffic from A and B going to Inet to pass through.
I then set up some holes on C, to allow those ports to those servers that I want open. I also allowed network C to access http/https/ftp/dns/mail outside of its network.
I have a catch all in the bottom of my script, to just block everything that doesn't fit into anything else.
I enable it.. what happens.. I lose connectivity to all the networks. Nothing can see anything outside of their network.
Do a ping from the firewall, and you get:
ping: sendto: No route to host
ping: wrote 192.168.3.250 64 chars, ret=-1
Anyone have any ideas?