PF Configuration for newbie

slakic, 20th August 2009

Hi all,
I am a Unix newbie, and recently I've set up an OpenBSD box to route between my two subnets. The problem is, I never managed to make it work.

I've enabled IP forwarding, and turned pf on, and made some rules in my pf.conf, but packets simply won't route.

Here's my ifconfig

lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33204
        priority: 0
        groups: lo
        inet netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        lladdr 00:50:ba:3e:7b:b9
        priority: 0
        media: Ethernet autoselect (none)
        status: no carrier
        inet netmask 0xffffff00 broadcast
        inet6 fe80::250:baff:fe3e:7bb9%rl0 prefixlen 64 scopeid 0x1
        lladdr 00:05:5d:fc:c8:8a
        priority: 0
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet netmask 0xffffff00 broadcast
        inet6 fe80::205:5dff:fefc:c88a%vr0 prefixlen 64 scopeid 0x2
enc0: flags=0<> mtu 1536
        priority: 0
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33204
        priority: 0
        groups: pflog

and my rules

# pfctl -sn
nat on rl0 inet from to any ->
nat on vr0 inet from to any ->
# pfctl -sr
scrub in all fragment reassemble
pass in all flags S/SA keep state
pass in inet proto icmp all icmp-type echoreq keep state
pass out inet proto icmp all icmp-type echoreq keep state
block drop in on ! lo0 proto tcp from any to any port = 6000

Could someone please give me a hint, what am I doing wrong?


Last edited by Carpetsmoker; 20th August 2009 at 08:41 PM. Reason: Add [code] tags for the sake of readability.