Hi all,
I have setup a virtual machine on my openbsd box, following the guide
https://www.openbsd.org/faq/faq16.html#VMMnet
I have trouble configuring pf to give the the VM access to the internet.
If my /etc/pf.conf contains the following lines, I don't have access to the
internet from the VM:
----------
block all
pass out inet all keep state
# Config to allow virtual Machine VMM to access the internet
DNS_SERVER="8.8.8.8"
match out on egress from 100.64.0.0/10 to any nat-to (egress)
pass in proto { udp tcp } from 100.64.0.0/10 to any port domain rdr-to
$DNS_SERVER port domain
-----------
However, if I comment out the first line (block all), or add a "pass in" line
then it works.
Either is way too permissive though, what is the smallest "pass in" I should
add to allow it internet access?
I tried "pass in to 100.64.0.0/10" but it does not work.
Thank you!
Jake
