On Tuesday 13 February 2007 18:40, mal content wrote: > To clarify: > > I can connect from any 192.168.2.* IP to a temporary machine > in the 192.168.1.* network (the empty network between the hardware > router and the openbsd box), so packets appear to be forwarded > correctly. If I try to connect to an external IP, however, the packets > don't seem to go anywhere. I have, on a few occasions, seen responses > from openbsd.org to packets sent earlier which are then blocked by > pf (correctly, as they are no longer associated with any connection). > > I have connected a machine to the 192.168.1.* network to sniff > packets with wireshark and see absolutely nothing go through when > a machine at 192.168.2.5 attempts to 'nc' to openbsd.org:80. Watching > pf logs with tcpdump shows that pf certainly believes it has forwarded > packets to the external IP address.
Just out of curiosity, what is the output from netstat -nrf inet? Is this possibly a routing problem? If pf is turned off, are you able to connect to external IP addresses? > > ... > > In the old days, we'd have opened the switch with bolt cutters and > set fire to the building on the way out. > > MC > > > !DSPAM:1,45d25f0378142517112723! -- Vijay Sankar ForeTell Technologies Limited 59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6 Phone: +1 (204) 885-9535, E-Mail: [EMAIL PROTECTED]
