Wireless Setup With AuthPF Help
Hello,
I am trying to understand the following article with a slight variation for my setup. This will be a dedicated old slow machine that I have lying around that will just provide wireless access with authpf. I have an extra port open on the back of my main firewall so I will be using it (I am out of available PCI slots for a wireless card).

Here is the article --> http://home.nuug.no/~peter/pf/en/vegard.authpf.html

IP address of Main Firewall: 192.168.1.200 # this is the output of the main firewall into the wireless firewall server
IP address of wireless firewall: 192.168.1.201 # this is the external interface on the wireless firewall

Here is the modified code that I *think* is good (please correct me if I am wrong)

/etc/authpf/authpf.conf
Code:
touch /etc/authpf/authpf.conf

Code:
ext_if="em2"
wi_if = "athn0"
auth_web="192.168.27.20"
table <authpf_users> persist
match out on $ext_if from $wi_if:network nat-to ($ext_if)
match in on $wi_if proto tcp from any to $myaddr port $tcp_in rdr-to $server
match in on $wi_if proto udp from any to $myaddr port $udp_in rdr-to $server
match in on $wi_if proto tcp from ! <authpf_users> port 80 rdr-to $auth_web
anchor "authpf/*"
block all
anchor "authpf/*" in on wi0
pass in on $wi_if inet proto tcp from any to $auth_web port 80 keep state
pass in on $wi_if inet proto udp from any port 53 keep state
pass in on $wi_if inet proto udp from any to $wi_if port 67
pass in on $wi_if inet proto tcp from any to $wi_if port 22 keep state

/etc/authpf/authpf.rules
Code:
ext_if = "em2"
wi_if = "athn0"
server = "192.168.27.15"
myaddr = "213.187.n.m"
# Services which live on the internal network
# and need to be accessible
tcp_services = "{ 22, 25, 53, 80, 110, 113, 995 }"
udp_services = "{ 53 }"
tcp_in = " { 22, 25, 53, 80, 993, 2317, pop3}"
udp_in = "{ 53 }"
pass in on $wi_if inet from <authpf_users> to ! $int_if:network keep state
pass in on $wi_if inet proto tcp from <authpf_users> to $server port $tcp_in keep state
pass in on $wi_if inet proto udp from <authpf_users> to $server port $udp_in keep state
pass in on $wi_if inet proto tcp from <authpf_users> to $myaddr port $tcp_in keep state
pass in on $wi_if inet proto udp from <authpf_users> to $myaddr port $udp_in keep state

1. This is the address of the web server? I will be installing Apache httpd on the local machine eventually so this will be the IP of $ext_if?
Code:
auth_web="192.168.27.20"

2. This is a table that OpenBSD knows? (In other words, I do not need to create this?)
Code:
table <authpf_users> persist

3. I do not understand this. n and m are placeholders of some sort that OpenBSD will replace with numbers?
Code:
myaddr = "213.187.n.m"

4. Where did wi0 come from in this example?
Code:
anchor "authpf/*" in on wi0

Sorry for so many questions and thanks in advance for your time helping me.
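
A pre-load check for the two rule sets in the post, added here as an example (it is not code from the post or from the article it follows): it reports pf macros that are referenced before they are defined, which pfctl rejects when the file is loaded. The function name and the excerpted sample lines are this example's own assumptions; `pfctl -nf <file>` on the OpenBSD machine remains the authoritative parse.

```python
import re

# pf.conf macro definition, e.g.  wi_if = "athn0"
DEFINE = re.compile(r'^\s*([A-Za-z0-9_]+)\s*=')
# Macro reference, e.g. $wi_if (a modifier such as :network is not part of the name)
REFERENCE = re.compile(r'\$([A-Za-z0-9_]+)')
# Macros authpf itself supplies when it loads authpf.rules (authpf(8))
AUTHPF_BUILTINS = {"user_ip", "user_id"}


def undefined_macros(ruleset, predefined=()):
    """Return (line_no, macro) for every macro referenced before it is defined."""
    defined, problems = set(predefined), []
    for line_no, raw in enumerate(ruleset.splitlines(), start=1):
        line = raw.split("#", 1)[0]      # simplification: '#' always starts a comment
        for name in REFERENCE.findall(line):
            if name not in defined:
                problems.append((line_no, name))
        m = DEFINE.match(line)
        if m:                            # a definition only helps later references
            defined.add(m.group(1))
    return problems


# Constructed samples: lines excerpted from the two rule sets in the post above.
MAIN_RULES = '''\
ext_if="em2"
wi_if = "athn0"
auth_web="192.168.27.20"
table <authpf_users> persist
match out on $ext_if from $wi_if:network nat-to ($ext_if)
match in on $wi_if proto tcp from any to $myaddr port $tcp_in rdr-to $server
pass in on $wi_if inet proto tcp from any to $auth_web port 80 keep state
'''

AUTHPF_RULES = '''\
wi_if = "athn0"
server = "192.168.27.15"
tcp_in = " { 22, 25, 53, 80, 993, 2317, pop3}"
pass in on $wi_if inet from <authpf_users> to ! $int_if:network keep state
pass in on $wi_if inet proto tcp from <authpf_users> to $server port $tcp_in keep state
'''

if __name__ == "__main__":
    for label, rules, pre in (("main rules", MAIN_RULES, ()),
                              ("authpf.rules", AUTHPF_RULES, AUTHPF_BUILTINS)):
        for line_no, name in undefined_macros(rules, pre):
            print(f"{label}: line {line_no}: macro ${name} is not defined")
```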