Advertisement

04.03.2008 at 08:15AM PDT, ID: 23293078
[x]
Attachment Details

Firewall problems with pf

Asked by iannar in FreeBSD, OpenBSD, NetBSD

Tags: freebsd

Here is my pf.conf:

tcp_pass = "{80 22}"
ext_if = "xl0"
int_if = "xl1"
localnet = $int_if:network

nat on $ext_if from $localnet to any -> ($ext_if)
pass out on xl0 proto udp to any port $tcp_pass keep state

with this config, I can surf the net on the firewall machine, but cannot surf the net on any client on my internal network.  
If I insert a 'pass all' into the pf.conf file, I can surf the net from the clients....

anyone know why?Start Free Trial
[+][-]04.03.2008 at 12:06PM PDT, ID: 21275826

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: FreeBSD, OpenBSD, NetBSD
Tags: freebsd
Sign Up Now!
Solution Provided By: TeRReF
Participating Experts: 4
Solution Grade: A
 
 
[+][-]04.15.2008 at 03:00PM PDT, ID: 21363223

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]04.16.2008 at 02:27AM PDT, ID: 21365983

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]04.23.2008 at 01:31AM PDT, ID: 21418572

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]04.23.2008 at 07:13AM PDT, ID: 21420875

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628