[nycbug-talk] OpenBSD PF help

Brian A. Seklecki lavalamp at spiritual-machines.org
Mon Jun 11 12:34:38 EDT 2007

Yes is the answer to your question.

Show me "netstat -rn" and "ifconfig -a" (shielded).  Is there any CARP 

What is the subnetting like on the "handoff" or "WAN" or "Upstream"?  Your 
ISP should have static routes for your /28 and /29 via to your int0 IP 
address (or if they are contiguous, the larger /27).


On Mon, 11 Jun 2007, Barry Kominik wrote:

> Hi,
> I'm having problems getting a pf filter working. I must be doing something
> simple wrong, anybody have any advice?
> I have two public routable IP blocks, let's say and
> The colo routes both networks to my handoff. I have the int0 connected to
> the handoff from the co-lo and ext0 configured as the I have
> net.inet.ip.forwarding=1. Shouldn't basic routing work without even enabling
> the firewall? Hosts on the 2 network can ping trough to the
>, but not beyond. Hosts on the internet can see
> but nothing on the 2. network. I can get this to work by setting up
> a bridge between the interfaces, but this strikes me as incorrect. Am I
> missing something simple? If not I can pay for some consulting time.
> Thanks,
> Barry

 	-lava (Brian A. Seklecki - Pittsburgh, PA, USA)

     "Guilty? Yeah. But he knows it. I mean, you're guilty.
     You just don't know it. So who's really in jail?"
     ~James Maynard Keenan
-------------- next part --------------
% NYC*BUG talk mailing list
%Be sure to check out our Jobs and NYCBUG-announce lists
%We meet the first Wednesday of the month

More information about the talk mailing list