Re: RES: RES: Filtering outgoing connections in pf

But it can still be a router if it does not do natting, a router with only public IP's Cezary Morga wrote: Dnia Eroda, 15 paE:dziernika 2008, cgc napisaE: And any box that is doing packet filtering between 2 or more networks, eg. a private network and the internet, is a router as far as

RES: RES: RES: Filtering outgoing connections in pf

PROTECTED] Enviada em: quarta-feira, 15 de outubro de 2008 16:21 Para: Ricardo Augusto de Souza Cc: misc@openbsd.org Assunto: Re: RES: RES: Filtering outgoing connections in pf What exactly are you trying to achieve? what pc's do you want to have access to what ports? Are you just allowing

Re: RES: RES: RES: Filtering outgoing connections in pf

- De: cgc [mailto:[EMAIL PROTECTED] Enviada em: quarta-feira, 15 de outubro de 2008 15:49 Para: Ricardo Augusto de Souza Cc: misc@openbsd.org Assunto: Re: RES: Filtering outgoing connections in pf let me give you an example, if you

Re: RES: Filtering outgoing connections in pf

Private IP's like those in 10.10.0.0/16 have to be natted using nat on $ext_if from 10.10.0.0/16 to any - ($ext_if) so the packets exiting $ext_if are coming from ($ext_if) and not from 10.10.0.0/16 Regards, Charlie Ricardo Augusto de Souza wrote: I didn4t understand what u Said. Could u

RES: Filtering outgoing connections in pf

Is is possible filter outgoing packets in $ext_if even doing NAT? I mean, after nat on $ext_if from 10.10.0.0/16 to any - ($ext_if) all packets from 10.10.0.0/16 will be translated to $ext_if. I wish I could filter 10.10.0.0/16 packets in $ext_if. Is is possible? Thanks -Mensagem

Re: RES: Filtering outgoing connections in pf

Why do you need to? you filter packets coming in on $int_if using the private ip, there no need to filter packets on $ext_if using the private ip. And as far as I know there is no way filter on $ext_if based on the private ip when you are natting Regards, Charlie On Wed, 15 Oct 2008 14:44:43

Re: RES: RES: Filtering outgoing connections in pf

Augusto de Souza Cc: misc@openbsd.org Assunto: Re: RES: Filtering outgoing connections in pf let me give you an example, if you just want 10.10.0.0/16 to have port 80 access then you need 3 rules: #the nat nat on $ext_if from 10.10.0.0/16 to any port 80 - ($ext_if) #allow through $int_if

Re: RES: Filtering outgoing connections in pf

let me give you an example, if you just want 10.10.0.0/16 to have port 80 access then you need 3 rules: #the nat nat on $ext_if from 10.10.0.0/16 to any port 80 - ($ext_if) #allow through $int_if pass in quick on $int_if proto tcp from 10.10.0.0/16 to any port 80 #and finally allow through

Re: RES: RES: Filtering outgoing connections in pf

Dnia Eroda, 15 paE:dziernika 2008, cgc napisaE: And any box that is doing packet filtering between 2 or more networks, eg. a private network and the internet, is a router as far as I am aware If it's natting or filtering packets it's a gateway. -- Cezary Morga If you live to be one hundred,