27th February 2013
petter
port redirection problem in pf

Hello, I'm new to OpenBSD. I'm having problems with port forwarding on my OpenBSD 5.2 DHCP server.
I have forwarded port 80 and port 443 to my web server. It's working from outside my local network, but it's not working to visit mydomain.com when I'm in my local network. What rule do I need to make this happen?
pf.conf:
Code:
# Set network interfaces
ext_if="em0" #internet
int_if="em1" #LAN

wwwserver = "192.168.1.12"
openvpn ="192.168.1.148"
windows ="192.168.1.15"

services = "{ http, https, domain }"

# Non-routable IP numbers
nonroutable = "{ 192.168.0.0/16, 127.0.0.0/8, 172.16.0.0/12, 10.0.0.0/8,
    0.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, 204.152.64.0/23, 224.0.0.0/3,
    255.255.255.255/32 }"

# Skip all loopback traffic
set skip on lo

# DEFAULT IS BLOCK IN FROM INTERNET, PASS ALL ELSE
block log all
pass on $int_if all
pass out on $ext_if all

block in log quick on $ext_if inet proto icmp from any to any icmp-type redir
block in quick on $ext_if from $nonroutable to any
block out quick on $ext_if from any to $nonroutable

# Allow inbound traffic on internal interface
pass quick on $int_if

# Protect against spoofing
antispoof quick for { lo $int_if }
#NAT
##web server##
pass in quick on $ext_if proto { tcp } from any to any port { http, https } flags S/SA rdr-to $wwwserver
##openvpn##
pass in quick on $ext_if proto { tcp, udp } from any to any port { 1194 } flags S/SA rdr-to $openvpn
pass in quick on $ext_if proto { tcp } from any to any port { 2301 } flags S/SA rdr-to $openvpn
##windows##
pass in quick on $ext_if proto { tcp, udp } from any to any port { 32400 } flags S/SA rdr-to $windows

block return-rst in log quick on $ext_if inet proto tcp from any to any
block return-icmp in log quick on $ext_if inet proto udp from any to any
block in quick on $ext_if all
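
One way to make mydomain.com reachable from inside the LAN with the ruleset above is redirection plus source NAT on the internal interface (reflection). This is an added example, not part of the original post; it assumes the LAN clients and $wwwserver are on the same $int_if subnet and that mydomain.com resolves to the address on $ext_if.

```conf
# Added example, not from the original post.
# Assumptions: clients and $wwwserver share the $int_if subnet, and
# mydomain.com resolves to the address currently assigned to $ext_if.
#
# Placement: these rules must come BEFORE "pass quick on $int_if" in the
# posted ruleset. That quick rule matches all traffic on the internal
# interface first, so rules placed after it never translate anything.

# 1. A LAN client connects to the firewall's public address.
#    Rewrite the destination to the internal web server.
#    ($ext_if) in parentheses tracks the address if it changes.
pass in quick on $int_if inet proto tcp \
    from $int_if:network to ($ext_if) port { http, https } \
    rdr-to $wwwserver

# 2. The redirected connection leaves through the same interface it
#    arrived on. Rewrite the source to the firewall's internal address
#    so the server replies through the firewall. Without this step the
#    server answers the client directly from 192.168.1.12, and the
#    client drops the reply because it expected the public address.
pass out quick on $int_if inet proto tcp \
    to $wwwserver port { http, https } \
    received-on $int_if nat-to $int_if
```

With these rules the web server's access log shows the firewall's internal address as the source of every LAN request. Where per-client logging matters, a split-horizon DNS entry that resolves mydomain.com to 192.168.1.12 for internal clients avoids the translation entirely.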