[nycbug-talk] OpenBSD PF help

Barry Kominik bkominik at gmail.com
Wed Jun 13 10:51:48 EDT 2007


On 6/13/07, Kurt Miller <lists at intricatesoftware.com> wrote:
>
> On Monday 11 June 2007 12:23:51 pm Barry Kominik wrote:
> > Hi,
> > I'm having problems getting a pf filter working. I must be doing something
> > simple wrong, anybody have any advice?
> >
> > I have two public routable IP blocks, let's say 1.1.1.1/29 and 2.2.2.1/28.
> > The colo routes both networks to my handoff. I have the int0 connected to
> > the handoff from the co-lo and ext0 configured as the 2.2.2.1. I have
> > net.inet.ip.forwarding=1. Shouldn't basic routing work without even enabling
> > the firewall? Hosts on the 2 network can ping through to the
> > 1.1.1.1 interface, but not beyond. Hosts on the internet can see
> > 1.1.1.1 but nothing on the 2. network. I can get this to work by setting up
> > a bridge between the interfaces, but this strikes me as incorrect. Am I
> > missing something simple? If not I can pay for some consulting time.
> >
> > Thanks,
> > Barry
> >
>
> Is /etc/mygate on the router set?


Yes, /etc/mygate is set and net.inet.ip.forwarding=1. I also configured
/etc/networks and tried /etc/gateway. pf is disabled. Shouldn't basic
routing work straight away? The routing table looks to me like it gets
populated correctly. If I do a tcpdump on the northbound interface I can see
the proper packets, but they are not traversing the router.

B