14th June 2013
J65nko
Administrator

You don't need pf to route packets between networks; you need the appropriate routes. Using the following simple network:
Code:
      10.2.2.100
          |
          |
+---------|---------+
|    10.2.2.1/24    |
|                   |
|       router      |
|                   |
|  192.168.44.1/24  |
+---------|---------+
          |
          |
          |
    192.168.44.100
  • If host 192.168.44.100 wants to communicate with host 10.2.2.100 it needs a route to the 10.2.2.0/24 network:

    Code:
    # route add -net 10.2.2.0/24 192.168.44.1
    add net 10.2.2.0/24: gateway 192.168.44.1
    Or # route add default 192.168.44.1 if there are not any other networks.
  • If host 10.2.2.100 wants to answer packets to host 192.168.44.100 it needs a route to the 192.168.44.0/24 network:

    Code:
    # route add -net 192.168.44.0/24 10.2.2.1
    add net 192.168.44.0/24: gateway 10.2.2.1
    Or # route add default 10.2.2.1 if there are not any other networks.

What do the routing tables on the hosts on your 192.168.1.0/24 and 192.168.0.0/24 networks look like?
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
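The following is an added example, not part of the original post: a small Python model of the diagram's three routing tables, showing that traffic only works once both hosts have a route to the other network. The function names and the table layout are hypothetical, and on-link hosts are assumed to be up.

```python
import ipaddress

def next_hop(table, dst):
    """Longest-prefix match: a gateway address, "direct" for an on-link
    network, or None when no route covers dst."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    return best[1] if best else None

def deliver(tables, src, dst, max_hops=8):
    """Forward hop by hop through the tables; True if dst is reached."""
    node = src
    for _ in range(max_hops):
        table = tables.get(node)
        hop = next_hop(table, dst) if table else None
        if hop is None:
            return False          # no route to host
        if hop == "direct":
            return True           # dst is on a directly attached network
        node = hop                # hand the packet to the gateway
    return False

def round_trip(tables, a, b):
    """A reply needs its own route back, so check both directions."""
    return deliver(tables, a, b) and deliver(tables, b, a)

# The router from the diagram has both networks attached.
ROUTER = [("10.2.2.0/24", "direct"), ("192.168.44.0/24", "direct")]

def topology(host_44_routes=(), host_10_routes=()):
    """Tables keyed by interface address; extra routes model `route add`."""
    return {
        "192.168.44.100": [("192.168.44.0/24", "direct"), *host_44_routes],
        "10.2.2.100": [("10.2.2.0/24", "direct"), *host_10_routes],
        "192.168.44.1": ROUTER,
        "10.2.2.1": ROUTER,
    }

if __name__ == "__main__":
    a, b = "192.168.44.100", "10.2.2.100"
    one_way = topology(host_44_routes=[("10.2.2.0/24", "192.168.44.1")])
    both = topology([("10.2.2.0/24", "192.168.44.1")],
                    [("192.168.44.0/24", "10.2.2.1")])
    print("request only:", deliver(one_way, a, b), round_trip(one_way, a, b))
    print("both routes :", round_trip(both, a, b))
```

The one-way case is the common failure: the request arrives, but the reply is dropped at the answering host for lack of a return route.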