Re: OpenBSd 5.9 dup-to

Tue, 09 May 2017 04:50:47 -0700 

Yes.

⁣Sent from BlueMail ​

On May 8, 2017, 8:35 PM, at 8:35 PM, Monah Baki <monahb...@gmail.com> wrote:
>You have it setup in bridge mode?
>
>Thanks
>
>
>On Mon, May 8, 2017 at 9:01 PM Edgar Pettijohn
><ed...@pettijohn-web.com>
>wrote:
>
>>
>>
>> On 05/08/17 17:55, Monah Baki wrote:
>> > Hi all,
>> >
>> > I am running OpenBSD 5.9 on a Net4801 Soekris. It's acting as my
>gateway
>> > and all my internal machines on the 10.0.0.x network are able to
>get to
>> the
>> > internet.
>> >
>> > My ifconfig
>> >
>> > # ifconfig
>> > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 32768
>> >          priority: 0
>> >          groups: lo
>> >          inet6 ::1 prefixlen 128
>> >          inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
>> >          inet 127.0.0.1 netmask 0xff000000
>> > sis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>> >          lladdr 00:00:24:c5:08:bc
>> >          priority: 0
>> >          groups: egress
>> >          media: Ethernet autoselect (100baseTX full-duplex)
>> >          status: active
>> >          inet 192.168.1.222 netmask 0xffffff00 broadcast
>192.168.1.255
>> > sis1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>> >          lladdr 00:00:24:c5:08:bd
>> >          priority: 0
>> >          media: Ethernet autoselect (100baseTX full-duplex)
>> >          status: active
>> >          inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255
>> > sis2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> mtu 1500
>> >          lladdr 00:00:24:c5:08:be
>> >          priority: 0
>> >          media: Ethernet autoselect (none)
>> >          status: no carrier
>> >
>> >
>> >
>> >
>> >
>> > My pf.conf
>> >
>> >
>> > set skip on lo
>> >
>> > block return    # block stateless traffic
>> > pass            # establish keep-state
>> >
>> > pass out on sis0 inet from sis1:network to any nat-to sis0
>> > pass in on sis1 dup-to 10.0.0.2
>> > pass out on sis1 dup-to 10.0.0.2
>> >
>> >
>> >
>> > The 10.0.0.2 is the IP address of my Windows workstation running
>> wireshark,
>> > however I do not see any network traffic from my internal
>workstations.
>> >
>> > I actually prefer to copy traffic from sis1 to sis2 if possible and
>just
>> > connect directly my wireshark laptop to it
>> >
>> > Am I missing anything?
>> >
>> >
>> > Thanks
>> > Monah
>> I am using a soekris for my router as well.  I pretty much just
>followed
>> the advice here https://www.openbsd.org/faq/pf/example1.html and have
>> had no problems for over a year now.
>>
>> Edgar
>>
>>

Reply via email to