Thought I would post in case someone ends up in a similar situation. I changed the nat rules to be:

# xBox redirection
nat on $josh_if from $josh_xbox to any -> ($josh_if) # Nat the Xbox out via gre0 (outbound)
rdr on $josh_if from any to ($josh_if) -> $josh_xbox # Redirect everything received on gre0 to the xbox (inbound)

and working :)

Thank you for the hand out max

On 5 April 2017 at 11:10, Paul Webster <paul.g.webs...@googlemail.com> wrote:

> I just read over my first post, a note would be that it does work
> perfectly outbound, the only thing not working is ICMP and UDP inbound
>
> On 5 April 2017 at 10:34, Paul Webster <paul.g.webs...@googlemail.com>
> wrote:
>
>> Thank you for the fast reply mark, here is a list of interfaces with
>> their relative ips:
>>
>> GW1(local lan gateway):
>> lo0: 127.0.0.1 ::1
>> igb0: 86.5.192.180 (public_ip)
>> igb1: 172.31.33.1/24 (private lan)
>> msk0: unused/192.168.0.1
>> tun0: 172.19.20.2
>> gre0: 10.0.0.1 (via igb0)
>>
>> GW2(vps remote gateway):
>> lo0: 127.0.0.1 ::1
>> vio0: 185.157.232.30
>> gre0: 10.0.0.2 (via vio0)
>>
>> Xbox1 ( GW1[igb1->gre0] -> GW2[gre0->vio0] ):
>> lo0: 127.0.0.1 ::1
>> vtnet0: 172.31.33.254
>>
>> NOTE: xbox1 in this case is really freebsd 12-current with the forced ip
>> 172.31.33.254, because xbox really is too restrictive for debug purposes,
>> all it requires is that I set the correct dhcp-host on GW1 to make the
>> xbox1 172.31.33.254 though.
>>
>> Also the $localnet is really { 172.31.33.2-200 } so when the XBOX is
>> 172.31.33.254
>> it is not going out via primary NAT rule it is instead getting caught by
>>
>> pass in quick on $int_if from $josh_xbox rtable 1 # Swap packets from the xbox to fib1 routing table
>>
>> and the corresponding NAT further up the ruleset, the 'default route' of
>> 'fib 1' is 10.0.0.2