DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 8th July 2009
birdmansdomain birdmansdomain is offline
Port Guard
 
Join Date: Jun 2009
Posts: 13
Thanked 0 Times in 0 Posts
Default Ok, i've tried but failed. Damn

So i've been working for past couple hours to get pf to forward to webserver on internal net,but no luck. I can nmap and get an open port from remote location but if i try to enter ip it just sits there for quite a while. I've read the debugging guide and still having trouble. I run tcpdump on both ext and int and they both show the packets on both passing though, so i guess the pf in is working but no out maybe??? Anyways heres my pf.conf any help would be great as there might be a whole pile hair under my chair by the time i figure this out.

ext_if="em0"
int_if="re0"
wifi_if="ral0"
local_net="{192.168.0.1/24, 192.168.1.1/24}"
server="{ 192.168.0.10 }"
icmp_types="echoreq"
tcp_flags="flags S/SA keep state"
table <abusers> persist

set require-order no
set skip on lo
scrub in all

nat on $ext_if from !($ext_if) -> ($ext_if:0)
rdr pass on $ext_if proto { tcp udp } from any to any port 80 -> $server port 80

block drop all
block in quick from <abusers>

pass out on $ext_if proto tcp all flags S/SA keep state
pass out on $ext_if proto { udp,icmp } all keep state

pass in quick inet proto icmp all icmp-type $icmp_types keep state
pass in quick on $ext_if proto { tcp udp } from any to $server port 80 flags S/SA synpro$
pass in quick on $wifi_if proto tcp to ($wifi_if) port ssh $tcp_flags (max-src-conn 8, m$
pass quick on { lo, $int_if, $wifi_if }

antispoof quick for { lo, $int_if, $ext_if, $wifi_if }
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
back-sql - SQLConnect() failed vol_o3 OpenBSD General 0 9th September 2009 09:36 AM
pfstat fopen failed: ? Calderon FreeBSD General 3 7th May 2009 08:52 AM
phpPgAdmin login failed gosha General software and network 14 17th March 2009 11:49 PM
Communication with su failed amandus OpenBSD Packages and Ports 7 17th July 2008 07:17 AM
Failed Installs dctr OpenBSD Installation and Upgrading 23 4th June 2008 04:25 AM


All times are GMT. The time now is 10:23 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick