3rd March 2010
n4p1
dsl -> pppoe pf problem

Hi,

I changed the network speed and technology with my ISP. I had DSL with a static IP, 3Mbits, and everything worked OK. Now I have PPPoE, 6Mbits (static IP). This is what I changed:
/etc/hostname.bge0 (interface connected to dsl modem):
"up"

/etc/hostname.pppoe0:
"inet 78.x.x.x 255.255.255.255 87.x.x.x \
pppoedev bge0 authproto pap \
authname 'xxxxxx@zzzzzzz.pl' authkey 'yyyyyyy' up
dest 87.x.x.x
!/sbin/route add default 87.x.x.x"

And of course in pf.conf I changed ext_if="bge0" to ext_if="pppoe0".

OK, it's working now, but I had a problem with download speed. I got only ~300kB/s, so I made these changes:
net.inet.tcp.recvspace=65536
net.inet.tcp.sendspace=65536
in sysctl.conf
and now the download speed is OK.

But after a few days I noticed that there is a problem accessing HTTPS sites: I can use Gmail over HTTPS, but e-banking and other sites don't work.
My pf.conf rules (just a part):

ext_if="pppoe0"
int_if="fxp0"

# nat
nat on $ext_if from "192.168.1.0/24" to any -> ($ext_if)

pass out quick on $ext_if proto tcp from ($ext_if) to any port {80,443}
pass in quick on $int_if proto tcp from ($int_if:network) to any port 443

Any traffic going on port 443 should go directly, and now some part of this traffic is missed(?). It worked w/o any problems before changing DSL to PPPoE...

I also tried to redirect traffic on 443 to squid, because when I enter the squid ip:port in the web browser (proxy) everything works OK.

This is my rule to redirect www traffic to squid:
rdr pass on $int_if proto tcp from ($int_if:network) to any port 80 -> 192.168.1.1 port 3128
and I tried the same with https:
rdr pass on $int_if proto tcp from ($int_if:network) to any port 443 -> 192.168.1.1 port 3129

pfctl -f /etc/pf.conf

And it doesn't work.
Thank you for any help.
PS. I have OpenBSD 4.3

Last edited by J65nko; 3rd March 2010 at 08:07 PM. Reason: password and username removed