Did you set up a nat rule in either /etc/nat.conf (if using OBSD 3.0 or 3.1) or in /etc/pf.conf if using 3.2-beta? >From the man pages, you should need to run something like this: nat on $EXTERNAL_INTERFACE from $INTERNAL_NETWORK to any \ -> $EXTERNAL_INTERFACE This will set up NAT, and let your office have connection. Don't forget to set `keep state` & so on when setting up the pf rules, or else nothing will be able to get back in.
Joe Barrett ----- Original Message ----- From: "Felix Cuello" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, October 10, 2002 13:36 Subject: newbie firewall question > Hello! > > I'm configuring now a OpenBSD firewall to protect some servers and my > private lan. This openBSD are now doing dinamic NAT to provides > internet to all my office and that's works fine... > > Now, when I wrote this firewall rules in /etc/pf.conf > [this rules are copied exactly as appears in openbsd.org page] > > block in on rl0 all > pass in on rl0 inet proto tcp from any to any port 22 > pass in on rl0 inet proto tcp from any to any port 80 > pass in on rl0 inet proto tcp from any to any port 443 > pass out on rl0 all > > > my office doesn't have Internet access..., > > What's wrong?, what can I read to learn this? > > Thsnks a lot, > > Felix > "sorry for my poor english" > > > --------------------------------------- > Felix Cuello > [EMAIL PROTECTED] > > Qodiga/its > http://www.qodiga.com > Santa Fe 882 - Piso 13 - Of."E" > Buenos Aires, ARGENTINA > > >