Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 30th November 2018
thefronny thefronny is offline
Port Guard
Join Date: Oct 2008
Posts: 37
Default Default route has changed

I had a little hiccup tonight and am not sure if I applied the right fix.

System, my firewall, was fine. I applied the most recent patches (005_ - 008_) without issue and rebooted. Everything came up OK but I couldn't get out to the internet. I could ping all the machine's interfaces, and the inside address of the router but there it stopped. Long story short; the default route had been, the outside IP address of the firewall. I'm under the impression this is set at boot by the content of /etc/mygate. The fix was to 'route flush' and set the route to, the inside address of the router. I have no idea why no longer worked as the default route. pf's rules had not been changed, and I have changed nothing on the router itself because I locked myself out a couple weeks ago with a fat finger and since it was working fine I haven't bothered to reset it. Assuming having the four new patches installed is just a cosmic coincidence. The reboot might be the culprit.

My question is, from a security standpoint, does it matter which interface is used as the default route as long as it routes? The router has firewall capability but I have disabled it as I like running my own firewall to see who is poking at my system and to make learning this stuff the real deal. The router is now pretty much just a modem between the copper and the CAT5. Is there a security issue involved with the routing as it is, to the router's inside interface rather than the firewall's outside interface?

Thanks much, hope this is clear.
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Route some ip outside VPN afdruiprek OpenBSD Security 13 29th August 2017 02:41 PM
Route to enc0 WeakSauceIII OpenBSD Security 11 1st June 2015 07:40 PM
No Route to Host rtwingfield FreeBSD Installation and Upgrading 9 25th May 2015 03:05 AM
route on openbsd hpabsdbeginner1 OpenBSD General 2 15th April 2014 07:17 PM
Can the default python be changed to a newer version? Mr-Biscuit FreeBSD General 5 7th April 2011 05:33 AM

All times are GMT. The time now is 06:03 PM.

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick