Hello,

First, *sh /etc/netstart em0* (as root) looks as though it works . . . it says that the address is renewed and *ifconfig* output says that em0 is UP, RUNNING and active. Yet, I cannot get beyond my router. That is, I can log into my router but can't browse the web or log into another machine beyond my router.

Second, I've recently started to learn pf and setting up a server. As I say above, I can log into my router and have recently opened ports 22 and 80 on its firewall to allow such traffic to my oBSD box. I have another machine running XP with a wifi connection to the same router. However, sometimes the wifi connection gets messed up . . . the default gateway gets incorrectly assigned. The way to re-establish the wifi connection (i.e., get a correct default gateway) is to disconnect my oBSD box from the router and *repair* the wifi connection on the XP box. Now, when I plug the ethernet back into the oBSD box and *sh /etc/netstart em0* I have the first problem above. When I reboot the machine the connection works fine and my wifi is fine. (It seems that the wifi needs to be connected before em0 is connected. If em0 is established before the wifi we get the second problem.)

Note that my IP addresses are dynamically assigned and I've recently set up an account with dyndns.com and installed/enabled ddclient.

Below are my dmesg, ifconfig output, and pf.conf (it's a temporary configuration, to work things out).

What do you think?

Thanks in advance!

OpenBSD 4.4-current (GENERIC) #1955: Fri Dec 12 23:37:32 MST 2008
    dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 2058493952 (1963MB)
avail mem = 1998495744 (1905MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (74 entries)
bios0: vendor LENOVO version "7UET43WW (1.13 )" date 08/19/2008
bios0: LENOVO 7417CTO
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT ASF! SSDT TCPA SSDT SSDT SSDT
acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB1(S3) USB2(S3) USB3(S3) USB4(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (AGP_)
acpiprt2 at acpi0: bus 2 (EXP0)
acpiprt3 at acpi0: bus 3 (EXP1)
acpiprt4 at acpi0: bus -1 (EXP2)
acpiprt5 at acpi0: bus 5 (EXP3)
acpiprt6 at acpi0: bus 13 (EXP4)
acpiprt7 at acpi0: bus 21 (PCI1)
acpiec0 at acpi0
acpicpu0 at acpi0: C3, C2, C1, PSS
acpitz0 at acpi0: critical temperature 127 degC
acpitz1 at acpi0: critical temperature 100 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpibat0 at acpi0: BAT0 model "42T5225" serial 3388 type LION oem "Panasonic"
acpibat1 at acpi0: BAT1 not present
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0
acpidock at acpi0 not configured
acpivideo at acpi0 not configured
acpivideo at acpi0 not configured
cpu0 at mainbus0: (uniprocessor)
cpu0: Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz, 2394.29 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,DS-CPL,VMX,SMX,EST,TM2,CX16,xTPR,NXE,LONG
cpu0: 3MB 64b/line 8-way L2 cache
cpu0: Enhanced SpeedStep 2394 MHz: speeds: 2401, 2400, 1600, 800 MHz
pci0 at mainbus0 bus 0: configuration mode 1
pchb0 at pci0 dev 0 function 0 "Intel GM45 Host" rev 0x07
vga1 at pci0 dev 2 function 0 "Intel GM45 Video" rev 0x07
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
intagp at vga1 not configured
inteldrm0 at vga1: irq 11
drm0 at inteldrm0: couldn't find agp
"Intel GM45 Video" rev 0x07 at pci0 dev 2 function 1 not configured
"Intel GM45 HECI" rev 0x07 at pci0 dev 3 function 0 not configured
em0 at pci0 dev 25 function 0 "Intel ICH9 IGP M AMT" rev 0x03: irq 11, address 00:1e:37:d9:cc:ed
uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x03: irq 11
uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x03: irq 11
uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x03: irq 11
ehci0 at pci0 dev 26 function 7 "Intel 82801I USB" rev 0x03: irq 11
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 82801I HD Audio" rev 0x03: irq 11
azalia0: codecs: Conexant CX20561
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x03: irq 11
pci1 at ppb0 bus 2
ppb1 at pci0 dev 28 function 1 "Intel 82801I PCIE" rev 0x03: irq 11
pci2 at ppb1 bus 3
ath0 at pci2 dev 0 function 0 "Atheros AR5424" rev 0x01: irq 11
ath0: AR5424 14.2 phy 7.0 rf 0.0, WOR02W, address 00:22:69:86:96:77
ppb2 at pci0 dev 28 function 3 "Intel 82801I PCIE" rev 0x03: irq 11
pci3 at ppb2 bus 5
ppb3 at pci0 dev 28 function 4 "Intel 82801I PCIE" rev 0x03: irq 11
pci4 at ppb3 bus 13
uhci3 at pci0 dev 29 function 0 "Intel 82801I USB" rev 0x03: irq 11
uhci4 at pci0 dev 29 function 1 "Intel 82801I USB" rev 0x03: irq 11
uhci5 at pci0 dev 29 function 2 "Intel 82801I USB" rev 0x03: irq 11
ehci1 at pci0 dev 29 function 7 "Intel 82801I USB" rev 0x03: irq 11
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
ppb4 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0x93
pci5 at ppb4 bus 21
cbb0 at pci5 dev 0 function 0 "Ricoh 5C476 CardBus" rev 0xba: irq 11
"Ricoh 5C832 Firewire" rev 0x04 at pci5 dev 0 function 1 not configured
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 22 device 0 cacheline 0x0, lattimer 0xb0
pcmcia0 at cardslot0
pcib0 at pci0 dev 31 function 0 "Intel 82801IEM LPC" rev 0x03
ahci0 at pci0 dev 31 function 2 "Intel 82801I AHCI" rev 0x03: irq 11, AHCI 1.2
scsibus0 at ahci0: 32 targets, initiator 32
sd0 at scsibus0 targ 0 lun 0: <ATA, HITACHI HTS72201, DCDZ> SCSI3 0/direct fixed
sd0: 152627MB, 512 bytes/sec, 312581808 sec total
cd0 at scsibus0 targ 1 lun 0: <HL-DT-ST, RW/DVD MU10N, 1.05> ATAPI 5/cdrom removable
ichiic0 at pci0 dev 31 function 3 "Intel 82801I SMBus" rev 0x03: irq 11
iic0 at ichiic0
usb2 at uhci0: USB revision 1.0
uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb3 at uhci1: USB revision 1.0
uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb4 at uhci2: USB revision 1.0
uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb5 at uhci3: USB revision 1.0
uhub5 at usb5 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb6 at uhci4: USB revision 1.0
uhub6 at usb6 "Intel UHCI root hub" rev 1.00/1.00 addr 1
usb7 at uhci5: USB revision 1.0
uhub7 at usb7 "Intel UHCI root hub" rev 1.00/1.00 addr 1
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: <PC speaker>
spkr0 at pcppi0
aps0 at isa0 port 0x1600/31
mtrr: Pentium Pro MTRR support
softraid0 at root
root on sd0a swap on sd0b dump on sd0b

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33160
        priority: 0
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:1e:37:d9:cc:ed
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet6 fe80::21e:37ff:fed9:cced%em0 prefixlen 64 scopeid 0x1
        inet 192.168.1.65 netmask 0xffffff00 broadcast 192.168.1.255
ath0: flags=8822<BROADCAST,NOTRAILERS,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:22:69:86:96:77
        priority: 0
        groups: wlan
        media: IEEE802.11 autoselect
        status: no network
        ieee80211: nwid ""
enc0: flags=0<> mtu 1536
        priority: 0
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33160
        priority: 0
        groups: pflog

# $OpenBSD: pf.conf,v 1.37 2008/05/09 06:04:08 reyk Exp $
#
# See pf.conf(5) for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.

#########################################################################
############################# MACROS ##############################
#########################################################################
ext_if="em0"
#int_if="int0"
#wifi_if="ath0"
#dyn_dns="99.135.171.64" # DynDNS IP (i.e., external IP)
#int_ip="192.168.1.0/24" # Internal IP
#tcp_services="22" # 22 = ssh port
#icmp_types="echoreq"

#########################################################################
########################### runtime options #############################
#########################################################################
#set block-policy drop
#set loginterface $ext_if # log all on ext_if
set skip on lo
#scrub in all no-df random-id fragment reassemble
######################################
# Options: *no-df* clears the *don't fragment* bit that
#          some packets have attached to them. Without
#          this option those packets will be dropped.
#          *random-id* works with the above option to
#          assign *no-df packets* with a random id.
#          *fragment reassemble* assembles packet fragments
#          before being filtered.
#######################################

#########################################################################
############################ NAT rules ##################################
#########################################################################
#nat on $ext_if from $int_ip to any -> $dyn_dns
#nat on $ext_if from $dyn_dns to any -> $int_ip
############################################
# This rule translates the dynamic internal address
# to the set (DynDNS) IP address
############################################

#########################################################################
############################ filter rules ###############################
#########################################################################
#block in # default block all
#pass out keep state # allow all stuff out
#antispoof log quick for {lo $wifi_if $ext_if} # get rid of bad stuff
#pass in on $ext_if inet proto tcp from any to ($ext_if) \
# port ssh
#pass in inet proto icmp all icmp_type $icmp_types keep state
pass quick from any to any

--
www.nealhogan.net
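
The symptom in the post (the router answers, nothing beyond it does) is consistent with a missing or off-subnet default route, so that route is worth checking after *sh /etc/netstart em0*. The script below is an added example, not part of the original post: it compares the default gateway from `netstat -rn -f inet` with the subnet `ifconfig` reports. The function names and the routing-table rows are constructed; the em0 address and netmask are the ones from the ifconfig output above.

```sh
#!/bin/sh
# Added example. Sample data is constructed: em0's address and netmask come
# from the post's ifconfig output, the routing-table rows are made up.

ip2int() {
    # Dotted quad -> 32-bit integer.
    _ifs=$IFS; IFS=.
    set -- $1
    IFS=$_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# check_default_route IFNAME IFCONFIG_TEXT NETSTAT_TEXT
# Returns 0 = gateway on-link, 1 = no IPv4 default route,
#         2 = gateway outside the interface's subnet, 3 = no IPv4 address.
check_default_route() {
    # First "inet ADDR netmask 0xMASK" line inside the IFNAME: stanza.
    _am=$(printf '%s\n' "$2" | awk -v ifn="$1:" '
        /^[^ \t]/ { cur = $1 }
        cur == ifn && $1 == "inet" && $3 == "netmask" { print $2, $4; exit }')
    [ -n "$_am" ] || { echo "$1: no IPv4 address"; return 3; }
    _addr=${_am% *}; _mask=${_am#* }
    # Gateway column of the "default" row.
    _gw=$(printf '%s\n' "$3" | awk '$1 == "default" { print $2; exit }')
    case $_gw in
        *.*.*.*) ;;
        *) echo "$1: no IPv4 default route"; return 1 ;;
    esac
    # Same network bits under the interface netmask means the gateway is on-link.
    if [ $(( $(ip2int "$_addr") & $_mask )) -ne $(( $(ip2int "$_gw") & $_mask )) ]; then
        echo "$1: default gateway $_gw is outside $_addr netmask $_mask"
        return 2
    fi
    echo "$1: default gateway $_gw is on-link"
}

SAMPLE_IFCONFIG='lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33160
        inet 127.0.0.1 netmask 0xff000000
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.65 netmask 0xffffff00 broadcast 192.168.1.255'
ROUTES_OK='default            192.168.1.1        UGS  em0'
ROUTES_STALE='default            10.0.0.1           UGS  em0'
ROUTES_NONE='192.168.1/24       link#1             UC   em0'

# Live use on the OpenBSD box:
#   check_default_route em0 "$(ifconfig em0)" "$(netstat -rn -f inet)"
check_default_route em0 "$SAMPLE_IFCONFIG" "$ROUTES_OK"
check_default_route em0 "$SAMPLE_IFCONFIG" "$ROUTES_STALE" || true
```

Running it once after a reboot (working state) and once after the cable re-plug shows whether the default route is what changes between the two.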