You should try to go look at http://74.125.77.147 which is google. That way you check if the comm is going. In the first place I had DNS troubles. If then it is a DNS problem at least we have localised sth. Please try to locate the problem by sniffing packets using tcpdump on the OpenBSD's interfaces in/out and maybe on the client also to see what he receives from the OpenBSD.
Then it would be easier to find out. Regards, JF Le mardi 24 fC)vrier 2009 C 21:48 -0800, Hilco Wijbenga a C)crit : > 2009/2/23 Jason Dixon <ja...@dixongroup.net>: > > ########################################################## > > 00 ext_if = "sk0" > > 01 int_if = "sk1" > > 02 > > 03 set skip on lo > > 04 > > 05 scrub in > > 06 > > 07 nat on $ext_if from $int_if:network to any -> ($ext_if:0) > > 08 > > 09 block in log all > > 10 pass in on $int_if inet keep state > > ########################################################## > > I tried this and I'm afraid it doesn't work. I can't ping anymore, > neither from my own box nor from the firewall. This setup is basically > what I also found in the books I have, I guess. :-( > > DHCP works (i.e. my box gets an IP from the DHCP daemon on the > firewall) and I can see maradns receiving requests from localhost (the > firewall) and from the int_if (my box) when I try to ping something. > It's all blocked by the firewall, though. > > I don't think it should matter but the only "special" thing about my > setup is that my external IP is on 192.168.1.0/24. Yes, that's my > *external* network. No more IPv4 address shortages for my ISP. :-) > > Please also see my next reply.
