Old 26th January 2009
Quaxo

This is now my set up...
Code:
/root# pfctl -sn
nat on nfe0 from ! (nfe0) to any -> (nfe0) round-robin
/etc# pfctl -sr
block return log all
pass out log quick on nfe0 inet proto udp from 192.168.0.154 to <hidden-ip> port = ntp keep state
pass out log quick on nfe0 inet proto udp from 192.168.0.154 to <hidden-ip> port = ntp keep state
pass out log quick on nfe0 inet proto udp from 192.168.0.154 to <hidden-ip> port = ntp keep state
pass out log quick on nfe0 inet proto udp from 192.168.0.154 to <hidden-ip> port = domain keep state
pass in log quick on nfe0 inet proto udp from <hidden-ip> port = domain to 192.168.0.154 keep state
pass in log on nfe0 inet proto tcp from 192.168.0.102 to 192.168.0.154 port = ssh flags S/SA modulate state
If I try to open a web page on my laptop I see nothing in the log (tcpdump -n -e -ttt -i pflog0). "pfctl -ss" output shows only my three SSH connections from my workstation to the server and nothing about the laptop doing DNS or whatever. pflog0 seems to be working for other stuff anyway (I can see incoming connection attempts from random people).

Any more ideas? Would it help to see ifconfig and stuff?

/Quaxo