DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 19th January 2013
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 105
Thanked 0 Times in 0 Posts
Default Giving Two Seperate Networks Internet With PF

Hello again.

I have two networks that I am trying to keep separate but allow internet access to each.

Code:
EXT="pppoe0"
INT1="re1"
INT2="re2"

INT_NET1= "{ 192.168.0.2, 192.168.0.3 }"
INT_NET2= "{ 10.0.0.2, 10.0.0.3 }"

block log all
set block-policy drop

match log on pppoe0 scrub (reassemble tcp max-mss 1440) 

nat on $EXT from $INT_NET1 -> ($EXT:0)
nat on $EXT from $INT_NET2 -> ($EXT:0)

pass out on $EXT inet from any to any
pass in on $INT inet from $INT_NET1 to any
pass in on $INT inet from $INT_NET2 to any
hostname.re1
Code:
inet 192.168.0.1 255.255.255.0
hostname.re2
Code:
inet 10.0.0.1 255.0.0.0

Traffic coming from INT_NET1 can get to the internet but traffic on INT_NET2 cannot.

This seems very simple and like it shoudl work, what am I doing wrong (and thanks in advance)
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Introduction to TCP/IP networks jggimi Guides 18 7th September 2012 12:37 PM
How secure are wireless home networks? JMJ_coder General software and network 37 18th April 2011 04:04 PM
The unknown /etc/networks file J65nko Guides 5 22nd January 2010 03:38 AM
CodeWeavers giving away all software Tuesday Oct 28th fast_replies Off-Topic 9 30th October 2008 12:14 AM
DMZ for two networks users... maurobottone OpenBSD Security 6 2nd June 2008 02:57 PM


All times are GMT. The time now is 04:13 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick