Quote:
Originally Posted by robbak
Oh, I didn't see that you had misnamed int_if and ext_if.
These macros are used for routers: int_if is for the internal facing interface, and ext_if is the external interface. Like this:
Code:
             ##########################
Internet-----#ext_if   Router   int_if#-------{Internal Network}
             ##########################
I have no idea if that would work, but it should give you a start for troubleshooting.
Thanks, my fault here though. I did not explain that PF is 'self-protecting' my server behind a router (off-the-shelf hardware not running OpenBSD). The router blocks all incoming traffic by default now except for my www ports. So in my setup, int_if is actually the loopback device only, whereas ext_if is what faces the router.
My initial worry was that any open port, even forwarded, could be a 'portal' for bogons to exploit.