root@ganesha:/etc# cat pf.conf | grep wg
block in on wg match out on $ext_if from wg0:network to any nat-to $ext_if:0 pass in on wg from wg:network to ! <users> modulate state root@ganesha:/etc# root@ganesha:/etc# ping -c 1 10.10.10.2 PING 10.10.10.2 (10.10.10.2): 56 data bytes 64 bytes from 10.10.10.2: icmp_seq=0 ttl=64 time=84.140 ms --- 10.10.10.2 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 84.140/84.140/84.140/0.000 ms root@ganesha:/etc# root@ganesha:/etc# tcpdump -i vio0 host 10.10.10.2 tcpdump: listening on vio0, link-type EN10MB 17:51:48.596335 10.10.10.2.41470 > m71os.services.getactivationkey.com.https: S 2252122240:2252122240(0) win 65535 <mss 1380,sackOK,timestamp 656618 0,nop,wscale 6> (DF) ^C 74 packets received by filter 0 packets dropped by kernel root@ganesha:/etc# PF nat doesn't translate. On Thu, Mar 4, 2021 at 6:43 PM Ashton Fagg <ash...@fagg.id.au> wrote: > Riccardo Giuntoli <tag...@gmail.com> writes: > > > Hi list. A pleasure to. > > > > Got a strange error with native wireguard for roadwarrior config. > > Pasting the full error makes people more likely to help you. > > > PF NAT doesn't work. > > Ok, but what's the error? "doesn't work" isn't very descriptive. > > > Someone with the same problem. > > > > root@ganesha:/etc# sysctl kern.version > > kern.version=OpenBSD 6.8 (GENERIC) #5: Mon Feb 22 04:04:49 MST 2021 > > r...@syspatch-68-amd64.openbsd.org: > > /usr/src/sys/arch/amd64/compile/GENERIC > > > > root@ganesha:/etc# > -- Name: Riccardo Giuntoli Email: tag...@gmail.com Location: sant Pere de Ribes, BCN, Spain PGP Key: 0x67123739 PGP Fingerprint: CE75 16B5 D855 842FAB54 FB5C DDC6 4640 6712 3739 Key server: hkp://wwwkeys.eu.pgp.net
