The default pf.conf had the nat configuration I have been using:
nat on $ext_if from !($ext_if) -> ($ext_if:0)
and it works fine. The problem seems to be with my use of dnsmasq.
-Lars
I'm building a firewall / gateway on OpenBSD and seem to have the pieces
working separately, but need a clue as to how to get them to fit
together. Basically, I can connect to and from each interface but not
across them.
I can connect from A to B (and from B to A) via SSH, ping, HTTP
I can
On Wednesday, August 15, 2007 at 15:59:34 +0300, Lars Noodin wrote:
I'm building a firewall / gateway on OpenBSD and seem to have the pieces
working separately, but need a clue as to how to get them to fit
together. Basically, I can connect to and from each interface but not
across them.
I can
Maurice Janssen wrote:
The two most obvious things to look at:
- enable IP-forwarding on the fw/router
That was mentioned in one of the first steps of the guides or howtos as
being taken care of in /etc/sysctl.conf. Here's an excerpt from mine:
# grep forw /etc/sysctl.conf
On Wednesday, August 15, 2007 at 18:50:26 +0300, Lars Noodin wrote:
Maurice Janssen wrote:
The two most obvious things to look at:
- enable IP-forwarding on the fw/router
That was mentioned in one of the first steps of the guides or howtos as
being taken care of in /etc/sysctl.conf. Here's an
Maurice Janssen wrote:
Looks OK to me. You could try tcpdump on the internal and external
interface to try to find out where the packets get lost.
Thanks. I was doing that and could see that they were getting to the
one interface but not the other. After giving up, coming back, and
messing
If I run the command
# pfctl -vsr
I get counters started from the last time I loaded the rule set.
Is there a way to find out the Date and Time I last loaded the rule set
so that
I can know the length of time it took to acquire x number of packets, etc?
I see a line for Status: Enabled ...