jggimi, 23rd December 2008

It's always helpful to draw pictures. I started to do that, and noticed, immediately, a problem with the priv_nets and dmz_net macros. It is not clear what your netmasks are, but if they match these definitions, you have a subnet configuration problem.

It is not clear from this pf.conf file how your interfaces are actually configured.

Is your internal LAN (on re0) really 192.168.0.0/16 (netmask 255.255.0.0)?

Is your DMZ LAN (on re1) really 192.168.1.0/16 (netmask 255.255.0.0)?

If so, these two LANs have overlapping subnets, and problems will occur.

-----

Show us your network configuration. Post the output of:

$ ifconfig
$ route -n show -inet
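
The overlap check described in the post above, as an added example that is not part of jggimi's post: it parses `ifconfig`-style output and reports interfaces whose address/netmask pairs resolve to overlapping networks. The sample text is constructed (OpenBSD-style lines with a hex netmask are assumed), and the function names are hypothetical.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample in OpenBSD ifconfig style (not output from the thread).
SAMPLE_IFCONFIG = """\
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.0.1 netmask 0xffff0000 broadcast 192.168.255.255
re1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 192.168.1.1 netmask 0xffff0000 broadcast 192.168.255.255
"""

IFACE_RE = re.compile(r"^(\S+?):\s+flags=")
INET_RE = re.compile(r"^\s+inet\s+(\d+\.\d+\.\d+\.\d+)\s+netmask\s+(\S+)")


def parse_netmask(text):
    """Accept a hex netmask (0xffff0000) or a dotted-quad one."""
    if text.lower().startswith("0x"):
        return str(ipaddress.IPv4Address(int(text, 16)))
    return text


def interface_networks(ifconfig_text):
    """Return [(interface, IPv4Network)] for every inet line found."""
    nets, iface = [], None
    for line in ifconfig_text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            iface = m.group(1)
            continue
        m = INET_RE.match(line)
        if m and iface:
            addr, mask = m.group(1), parse_netmask(m.group(2))
            # strict=False masks off the host bits: 192.168.1.1/16 -> 192.168.0.0/16
            nets.append((iface, ipaddress.ip_network(f"{addr}/{mask}", strict=False)))
    return nets


def overlapping(nets):
    """Return pairs of entries on different interfaces whose networks overlap."""
    return [(a, b) for a, b in combinations(nets, 2)
            if a[0] != b[0] and a[1].overlaps(b[1])]


if __name__ == "__main__":
    for (if_a, net_a), (if_b, net_b) in overlapping(interface_networks(SAMPLE_IFCONFIG)):
        print(f"overlap: {if_a} {net_a} <-> {if_b} {net_b}")
```

With 255.255.0.0 on both interfaces, re0 and re1 resolve to the same network; with a 255.255.255.0 mask on each, the same addresses land in separate networks and nothing is reported.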