Moving topic to misc@. Or do you think NAT is broken? zje.net...@foxmail.com (zje.net.cn), 2016.01.19 (Tue) 03:37 (CET): > Hi, i'm tesing the NAT with the pf on OpenBSD 5.8, but i can not make it > successful.There is a server with pf having a internal IP 10.0.11.200 and > external IP 61.xxx.xx.xx, > then, i make a pf.conf with contents like below(having enable IP forwarding) : > > > #my define > int_if = "de1" #10.0.11.200 > ext_if = "de2" #61.xxx.xx.xx > int_net = "10.0.11.0/24" > #my rules > pass out on $ext_if inet from $int_if:network to any nat-to $ext_if > > > > after apply the config, i test working of the NAT from a client with > IP 10.0.11.19 (who's gateway refer to 10.0.11.200), > then i can not visit the external service such as a website, > when i try to "netstat/n" on the client, get results as below: > > now, i need help for my problem, thanks for your reply.
your lovely dos box image shows that the connection is in SYN state; I guess your client (10.0.11.19) just gets blocked when entering the firewall via de1. Bye, Marcus
