I commented out "pass out keep state" and added, after the nat rule, pass quick all. Still nothing.
I can't even ping from the server the private IP which the client has... I know the client is connected to the server, it shows up on dhcpd.leases. Do you think it's my dhcpd server that's wrong?

On Oct 5, 2007, at 1:59 PM, Joe Gibbens wrote:

> > rl0 is connected to the internet.
> On Oct 5, 2007, at 12:52 PM, ropers wrote:
>
> > On 05/10/2007, a.padilla <[EMAIL PROTECTED]> wrote:
> >> I commented everything out except the nat rule and
> >> "pass out keep state"
> >>
> >> still nothing.
> >
> delete "pass out keep state" This will not work alone.
> insert "pass quick all" as a temporary test. If you can move
> traffic from your internal net through your firewall with this rule
> enabled, comment it out and then start developing your ruleset.
>
> unless I'm missing a piece of your pf.conf, you have no rule that
> is allowing inbound traffic from your internal network to your
> internal interface. You must explicitly allow traffic into the
> firewall. "pass out keep state" would only allow a state to be
> created on traffic originating at the firewall itself.
>
>
> --
> Joe