I check and do everything what you say and this dosent work....
pf disabled: pfctl -d
mpath enabled (in sysctl.conf) and route added via hostname.if. OpenBSD rebooted. One more time: pfctl -d.
Then:
Code:
[15:02:43][root@xxx:~]# route -n show -inet
Routing tables
Internet:
Destination Gateway Flags Refs Use Mtu Prio Iface
default 178.x.y.z UGSP 3 1263 - 8 em0
default 87.x.y.z UGSP 1 212 - 8 pppoe0
10.8.0/24 10.8.0.2 UGS 0 0 - 8 tun0
10.8.0.2 10.8.0.1 UH 1 0 - 4 tun0
87.105.104.1 78.w.x.y UH 0 0 - 4 pppoe0
127/8 127.0.0.1 UGRS 0 0 33200 8 lo0
127.0.0.1 127.0.0.1 UH 1 7 33200 4 lo0
178.x.y/24 link#1 UC 1 0 - 4 em0
178.x.y.z 00:1b:21:0b:45:6c UHLc 1 0 - 4 em0
192.168.1/24 link#3 UC 5 0 - 4 fxp0
192.168.1.186 00:26:9e:78:2b:55 UHLc 1 3 - 4 fxp0
192.168.1.217 00:10:a7:22:ee:c1 UHLc 0 1018 - 4 fxp0
192.168.1.234 00:26:18:ef:86:47 UHLc 0 76 - 4 fxp0
192.168.1.248 00:24:7e:dd:e0:c8 UHLc 1 471 - 4 fxp0
192.168.1.255 link#3 UHLc 1 50 - 4 fxp0
224/4 127.0.0.1 URS 0 0 33200 8 lo0
[15:03:02][root@xxx:~]#
tcpdump from remote connection to ssh:
Code:
Connection to ssh (pppoe0) from internet:
[15:07:20][root@xxx:~]# tcpdump -i pppoe0 port 50022
tcpdump: listening on pppoe0, link-type PPP_ETHER
15:07:37.081892 79.x.y.z.1112 > 78.w.x.y.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)
15:07:40.009122 79.x.y.z.1112 > 78.w.x.y.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)
15:07:45.070270 79.x.y.z.1112 > 78.w.x.y.50022: R 1:1(0) win 0
15:07:45.872714 79.x.y.z.1112 > 78.w.x.y.50022: S 0:0(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)
[15:06:32][root@xxx:~]# tcpdump -i em0 port 50022
tcpdump: listening on em0, link-type EN10MB
15:07:37.081928 78.w.x.y.50022 > 79.x.y.z.1112: S 4021557824:4021557824(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:40.009147 78.w.x.y.50022 > 79.x.y.z.1112: S 4021557824:4021557824(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:40.081000 78.w.x.y.50022 > 79.x.y.z.1112: S 4021557824:4021557824(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:45.872741 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:48.869635 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:07:54.882299 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
15:08:06.907544 78.w.x.y.50022 > 79.x.y.z.1112: S 397263719:397263719(0) ack 1 win 16384 <mss 1452,nop,nop,sackOK> (DF)
Connection refused. As we can see packet pass in via pppoe0 and try pass out via em0.
Code:
Connection to ssh (em0) from internet:
[15:08:52][root@xxx:~]# tcpdump -i pppoe0 port 50022
tcpdump: listening on pppoe0, link-type PPP_ETHER
[15:08:52][root@xxx:~]# tcpdump -i em0 port 50022
tcpdump: listening on em0, link-type EN10MB
15:09:02.576896 79.x.y.z.1113 > 178.w.x.y.50022: S 651286537:651286537(0) win 64240 <mss 1354,nop,nop,sackOK> (DF)
15:09:02.576950 178.w.x.y.50022 > 79.x.y.z.1113: S 1761386290:1761386290(0) ack 651286538 win 16384 <mss 1460,nop,nop,sackOK> (DF)
15:09:02.901824 79.x.y.z.1113 > 178.w.x.y.50022: . ack 1 win 64240 (DF)
15:09:02.914818 178.w.x.y.50022 > 79.x.y.z.1113: P 1:22(21) ack 1 win 17602 (DF)
15:09:04.966413 79.x.y.z.1113 > 178.w.x.y.50022: P 1:29(28) ack 22 win 64219 (DF)
15:09:04.968072 178.w.x.y.50022 > 79.x.y.z.1113: P 22:878(856) ack 29 win 17602 (DF)
15:09:04.982650 79.x.y.z.1113 > 178.w.x.y.50022: P 29:541(512) ack 22 win 64219 (DF)
15:09:05.005865 79.x.y.z.1113 > 178.w.x.y.50022: P 541:669(128) ack 22 win 64219 (DF)
15:09:05.005896 178.w.x.y.50022 > 79.x.y.z.1113: . ack 669 win 17474 (DF)
15:09:05.120993 79.x.y.z.1113 > 178.w.x.y.50022: P 669:685(16) ack 878 win 63363 (DF)
15:09:05.128536 178.w.x.y.50022 > 79.x.y.z.1113: P 878:1414(536) ack 685 win 17602 (DF)
15:09:05.462415 79.x.y.z.1113 > 178.w.x.y.50022: . ack 1414 win 64240 (DF)
15:09:05.472540 79.x.y.z.1113 > 178.w.x.y.50022: P 685:1197(512) ack 1414 win 64240 (DF)
15:09:05.472734 79.x.y.z.1113 > 178.w.x.y.50022: P 1197:1213(16) ack 1414 win 64240 (DF)
15:09:05.472764 178.w.x.y.50022 > 79.x.y.z.1113: . ack 1213 win 17586 (DF)
15:09:05.571596 178.w.x.y.50022 > 79.x.y.z.1113: P 1414:2518(1104) ack 1213 win 17602 (DF)
15:09:05.854983 79.x.y.z.1113 > 178.w.x.y.50022: . ack 2518 win 63136 (DF)
15:09:05.932382 79.x.y.z.1113 > 178.w.x.y.50022: P 1213:1229(16) ack 2518 win 63136 (DF)
15:09:05.932562 79.x.y.z.1113 > 178.w.x.y.50022: P 1229:1281(52) ack 2518 win 63136 (DF)
15:09:05.932595 178.w.x.y.50022 > 79.x.y.z.1113: . ack 1281 win 17550 (DF)
15:09:05.932724 178.w.x.y.50022 > 79.x.y.z.1113: P 2518:2570(52) ack 1281 win 17602 (DF)
15:09:06.251843 79.x.y.z.1113 > 178.w.x.y.50022: . ack 2570 win 63084 (DF)
Connection established.
79.x.y.z - My home ip
178.w.x.y - OpenBSD em0
78.w.x.y - OpenBSD pppoe0
Also there is no mygate file:
Code:
[15:16:19][root@zgkim:~]# ls /etc/mygate
ls: /etc/mygate: No such file or directory