Quote:
Originally Posted by mbzadegan
> Hi all,
> I want to forward all network packets between both interfaces (em0,em1).
This is called "routing" packets, and this is what a router does.
To route packets between two network interfaces, on OpenBSD they must attach to different networks -- their address ranges cannot overlap.
In its simplest form:
[Network A] - [router] - [Network B]
But most implementations aren't that simple. There are often Internet connections needed, and a default route must be provisioned. These are often called gateway routers.
[Network A] - [gateway router] - [the Internet]
And there are intermediate routers, often used in a DMZ. Here is a simple example:
[Network A] - [router] - [Network B] - [gateway router] - Internet
And then there is Network Address Translation (NAT), which is used to translate addresses as they transit a router. The most common use is for private networks to attach to the Internet, and share one or more Internet-facing IP addresses.
Quote:
> BTW, I set net.inet.ip.forwarding=1 but still need some PF commands to allow between interfaces.
You have not provided enough information for me to respond with a detailed reply. Here is general guidance:
- PF is designed to be pass-by-default. It will pass traffic unless explicitly provisioned to block.
- PF is required to provision NAT on OpenBSD. If your network architecture requires NAT, you will need to provision it with a PF rule.
If you want better guidance, provide a clearer picture of your intended network design.
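
The two points about PF in the reply above, shown as a pf.conf sketch. This is an added example, not part of the original post. It assumes em0 faces the Internet and em1 faces a private network; the thread does not say which interface plays which role.

```conf
# /etc/pf.conf -- constructed example; interface roles are assumptions
ext_if = "em0"    # assumption: Internet-facing interface
int_if = "em1"    # assumption: private network interface

# Do not filter loopback traffic.
set skip on lo

# Case 1: plain routing between two non-overlapping networks, no NAT.
# PF passes by default, so with net.inet.ip.forwarding=1 set, an empty
# ruleset (or a single "pass" rule) already forwards packets between
# em0 and em1. No further rules are needed for that case.

# Case 2: gateway router with NAT. Replace pass-by-default with an
# explicit block, then allow only what the gateway should carry.
block all

# Traffic from the private network may enter on the inside interface.
pass in on $int_if inet from $int_if:network

# Traffic originated by the router itself may leave the outside interface.
pass out on $ext_if inet from ($ext_if)

# Forwarded private-network traffic leaves on the outside interface with
# its source rewritten to the router's outside address. The parentheses
# make PF follow the interface address if it changes (for example, DHCP).
pass out on $ext_if inet from $int_if:network to any nat-to ($ext_if)
```

Check the file with `pfctl -nf /etc/pf.conf` before loading it with `pfctl -f /etc/pf.conf`.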