[nycbug-talk] OpenBSD PF help
Brian A. Seklecki
lavalamp at spiritual-machines.org
Mon Jun 11 12:34:38 EDT 2007
Yes is the answer to your question.
Show me "netstat -rn" and "ifconfig -a" (shielded). Is there any CARP
involved?
What is the subnetting like on the "handoff" or "WAN" or "Upstream"? Your
ISP should have static routes for your /28 and /29 via to your int0 IP
address (or if they are contiguous, the larger /27).
~BAS
On Mon, 11 Jun 2007, Barry Kominik wrote:
> Hi,
> I'm having problems getting a pf filter working. I must be doing something
> simple wrong, anybody have any advice?
>
> I have two public routable IP blocks, let's say 1.1.1.1/29 and 2.2.2.1/28.
> The colo routes both networks to my handoff. I have the int0 connected to
> the handoff from the co-lo and ext0 configured as the 2.2.2.1. I have
> net.inet.ip.forwarding=1. Shouldn't basic routing work without even enabling
> the firewall? Hosts on the 2 network can ping trough to the
> 1.1.1.1interface, but not beyond. Hosts on the internet can see
> 1.1.1.1 but nothing on the 2. network. I can get this to work by setting up
> a bridge between the interfaces, but this strikes me as incorrect. Am I
> missing something simple? If not I can pay for some consulting time.
>
> Thanks,
> Barry
>
l8*
-lava (Brian A. Seklecki - Pittsburgh, PA, USA)
http://www.spiritual-machines.org/
"Guilty? Yeah. But he knows it. I mean, you're guilty.
You just don't know it. So who's really in jail?"
~James Maynard Keenan
-------------- next part --------------
_______________________________________________
% NYC*BUG talk mailing list
http://lists.nycbug.org/mailman/listinfo/talk
%Be sure to check out our Jobs and NYCBUG-announce lists
%We meet the first Wednesday of the month
More information about the talk
mailing list