Anyone else having issues with pf?
I don't think my rdr pass rule is keeping state as my reply packets
get dropped. As seen by tcpdump. And I can't get any output from
pfctl -x loud to see what's going on.
#pf.conf
ext_if="fxp0"
int_if="fxp1"
set skip on lo
set loginterface fxp0
nat on $ext_if from $int_if:network -> ($ext_if:0)
rdr pass on $ext_if proto tcp from any to port 26167 \
-> 10.10.77.5
block in log
pass out from ($ext_if) keep state
pass in from $int_if:network keep state
# pfctl -vsn
nat on fxp0 inet from 10.10.77.0/24 to any -> (fxp0:0)
[ Evaluations: 79 Packets: 23860 Bytes: 13738430 States:
17 ]
[ Inserted: uid 0 pid 30895 ]
rdr pass on fxp0 inet proto tcp from any to any port = 26167 ->
10.10.77.5
[ Evaluations: 134 Packets: 24 Bytes: 1392 States:
0 ]
[ Inserted: uid 0 pid 30895 ]
OpenBSD 4.1 (GENERIC) #1435: Sat Mar 10 19:07:45 MST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: AMD-K6tm w/ multimedia extensions ("AuthenticAMD" 586-class) 200
MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX
real mem = 33124352 (32348K)
avail mem = 21467136 (20964K)
using 435 buffers containing 1781760 bytes (1740K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 01/13/98, BIOS32 rev. 0 @ 0xfd7f0
apm0 at bios0: Power Management spec V1.2 (BIOS mgmt disabled)
apm0: APM power management enable: unrecognized device ID (9)
apm0: APM engage (device 1): power management disabled (1)
apm0: AC on, battery charge unknown
apm0: flags b0102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd7f0/0x810
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf90/80 (3 entries)
pcibios0: PCI Interrupt Router at 000:07:0 ("Intel 82371SB ISA" rev
0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc0000/0x8000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82437VX" rev 0x02
pcib0 at pci0 dev 7 function 0 "Intel 82371SB ISA" rev 0x01
pciide0 at pci0 dev 7 function 1 "Intel 82371SB IDE" rev 0x00: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: <ST32122A>
wd0: 16-sector PIO, LBA, 2014MB, 4124736 sectors
wd0(pciide0:0:0): using PIO mode 4, DMA mode 2
pciide0: channel 1 ignored (disabled)
uhci0 at pci0 dev 7 function 2 "Intel 82371SB USB" rev 0x01: irq 9
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
ppb0 at pci0 dev 19 function 0 "DEC 21152 PCI-PCI" rev 0x03
pci1 at ppb0 bus 1
fxp0 at pci1 dev 4 function 0 "Intel 8255x" rev 0x05, i82558: irq 10,
address 00:03:47:08:45:1e
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 0
fxp1 at pci1 dev 5 function 0 "Intel 8255x" rev 0x05, i82558: irq 3,
address 00:03:47:08:45:1f
inphy1 at fxp1 phy 1: i82555 10/100 PHY, rev. 0
vga1 at pci0 dev 20 function 0 "S3 Trio64V2/DX" rev 0x16
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
ep0 at isa0 port 0x360/16 irq 7: address 00:20:af:a7:33:f3, utp/aui
(default utp)
sb0 at isa0 port 0x220/24 irq 5 drq 1: dsp v3.01
midi0 at sb0: <SB MIDI UART>
audio0 at sb0
opl0 at sb0: model OPL3
midi1 at opl0: <SB Yamaha OPL3>
pcppi0 at isa0 port 0x61
midi2 at pcppi0: <PC speaker>
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4: polled
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
biomask fb45 netmask ffcd ttymask ffcf
pctr: user-level cycle counter enabled
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
