DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 23rd July 2011
thefronny thefronny is offline
Port Guard
 
Join Date: Oct 2008
Posts: 37
Default 4.8 -> 4.9 and internet access stops

I'm trying to move to 4.9 from 4.8. It's a fresh install on a different disk. I've copied over all the old network config files and pf.conf and am using them. I've edited the wireless's hostname.ral0 file to account for the syntax change. All the interfaces are the same (I'm swapping disks back and forth to get on the internet). Using the 4.9 disk I can ssh in from my internal network to the 4.9 firewall and from there ping, say, oracle.com. I can ping from the internal network too. But I cannot get incoming on port 80.

Nothing has changed anywhere except I'm using a 4.9 install for the firewall. There must be a 4.8 -> 4.9 gotcha, perhaps in pf, that's breaking internet. Can I not re-use config files from 4.8?

thx,

tf
Reply With Quote
  #2   (View Single Post)  
Old 23rd July 2011
thefronny thefronny is offline
Port Guard
 
Join Date: Oct 2008
Posts: 37
Default

Ha! Internet access stopped because I hadn't uncommented IP forwarding in sysctl.conf.

My thanks to Rocket357! His post under another topic mentioned IP forwarding. I wandered by, read that and hit me. Was that serendipidous or what?
Reply With Quote
  #3   (View Single Post)  
Old 14th August 2011
Kasperl Kasperl is offline
New User
 
Join Date: Aug 2011
Posts: 3
Default

You could add forwarding to the /etc/rc.local which won't be overwritten on new updates:
Code:
sysctl -w net.inet.ip.forwarding=1
Reply With Quote
  #4   (View Single Post)  
Old 14th August 2011
rocket357's Avatar
rocket357 rocket357 is offline
Real Name: Jonathon
Wannabe OpenBSD porter
 
Join Date: Jun 2010
Location: 127.0.0.1
Posts: 429
Default

Quote:
Originally Posted by thefronny View Post
My thanks to Rocket357! His post under another topic mentioned IP forwarding.
heh. Glad I could help.
__________________
Linux/Network-Security Engineer by Profession. OpenBSD user by choice.
Reply With Quote
  #5   (View Single Post)  
Old 14th August 2011
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

sysctl.conf is not overwritten during updates. The etcXX.tgz fileset merging must be done by the admin, either manually or with sysmerge(8).
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PF cannot access Internet from internal network gpatrick OpenBSD Security 3 29th August 2010 10:59 PM
Gtk2 stops compiling in work subdirectories. Mr-Biscuit NetBSD Package System (pkgsrc) 5 15th June 2010 01:37 PM
Apache Randomly Stops Working plexter OpenBSD Packages and Ports 21 4th May 2009 04:41 PM
Internet Access Problem OpenBSD 4.3 alcy OpenBSD General 3 19th September 2008 06:00 PM
Internet access within jail Weaseal FreeBSD General 5 26th June 2008 02:45 PM


All times are GMT. The time now is 04:25 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick