Deraj Puma wrote:
Hi there!
I'm having major headaches trying to figure out why this isn't working.

I have an OpenBSD machine acting as a router/firewall and it has three
interfaces: vge0, vge1, and dc0. This machine connects to a hub and
the hub in turn connects to various other machines. I got NAT to work
only by plugging both vge0 and dc0 into the hub (at least one has to
be the source link), but it fails if either vge0 or dc0 is set to down
or unplugged.

I've narrowed my pf.conf file down to a minimal reproducible state and
here it is:

ext_if="vge1"
int_if="vge0"
lan="192.168.0.0/16"

nat on $ext_if from $lan to any -> ($ext_if:0)

pass out on $ext_if proto { tcp, udp, icmp } from any to any
pass quick on $int_if

Am I missing something? I feel like a fool as I've been trying to fix
this for hours now but I just can't figure it out.


Which interface routes for the 192.168/16 subnet?

The output from ifconfig, pfctl -sn and route might be useful for debugging this issue.

Fred
--
http://www.crowsons.com/puters/x41.htm
