Need help with pf rules
Hello,
I have a VM with an IP 10.0.0.5 on an OpenBSD host. I want to send all of the VM's traffic through Tor on the host, so I add this rule to the host's default pf.conf:
Code:
pass in proto { udp tcp } from 10.0.0.0/24 to any port domain rdr-to 127.0.0.1 port 9050
I got a new rule, but it didn't work either:
Code:
pass in proto { udp tcp } from 10.0.0/24 to { any !192.168.1/24 } rdr-to 127.0.0.1 port 9050
It is fine if the rule does not apply the "!192.168.1/24", but it should re-direct the internet packets through Tor. In fact, the VM cannot access the internet at all.
Add the log option to your rules, so that you can then inspect which rules actually pass or block your traffic with something like
# tcpdump -ni pflog0
Assigned rule numbers can be seen with
# pfctl -vvsr
It is a lot faster to see your own traffic pass and block than it is to post a rule or two on a forum and wait with hope that someone can figure out what may be happening.
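Added example, not part of the thread or of any poster's reply: a small shell helper that tallies pflog decisions per rule number for one source host, so the counts can be matched against the rule numbers shown by pfctl -vvsr. It assumes the text was captured with tcpdump's -e flag, which prints the pflog header (rule number, action, direction, interface); the function names, the tap0 interface and the sample lines are constructed for illustration.

```sh
#!/bin/sh
# Added example, not code from the thread.
# Input: text output of `tcpdump -n -e -ttt -i pflog0` for rules carrying
# the "log" option. Each line then contains a header of the form
#   rule N/(reason) ACTION DIR on IFACE: SRC > DST: ...

# summarize_pflog SRC_IP
# Reads tcpdump text on stdin and prints one line per combination:
#   RULE ACTION DIR IFACE COUNT
summarize_pflog() {
    awk -v src="$1" '
    {
        # Find the "rule" token; the timestamp in front of it varies in width.
        for (i = 1; i < NF; i++) if ($i == "rule") break
        if (i >= NF) next                  # line has no pflog header
        split($(i + 1), r, "/")            # "4/(match)" -> rule number 4
        action = $(i + 2); dir = $(i + 3)
        iface = $(i + 5); sub(/:$/, "", iface)
        from = $(i + 6)
        # TCP/UDP sources print as addr.port; match the exact host only,
        # so 10.0.0.5 does not also count 10.0.0.50.
        if (from != src && index(from, src ".") != 1) next
        n[r[1] " " action " " dir " " iface]++
    }
    END { for (k in n) print k, n[k] }' | sort -n
}

# Constructed sample lines (not captured from the poster's host).
sample_pflog() {
cat <<'EOF'
Feb 10 12:00:01.000001 rule 4/(match) pass in on tap0: 10.0.0.5.40001 > 192.0.2.10.53: 1234+ A? example.org. (29)
Feb 10 12:00:02.000001 rule 0/(match) block in on tap0: 10.0.0.5.40002 > 192.0.2.20.443: S 1:1(0) win 16384
Feb 10 12:00:03.000001 rule 0/(match) block in on tap0: 10.0.0.5.40003 > 192.0.2.20.80: S 1:1(0) win 16384
Feb 10 12:00:04.000001 rule 0/(match) block in on tap0: 10.0.0.50.40004 > 192.0.2.20.80: S 1:1(0) win 16384
EOF
}

# Rule numbers in the first column correspond to the "@N" numbers
# printed by `pfctl -vvsr`.
sample_pflog | summarize_pflog 10.0.0.5
```

On a live host the same function can read from a pipe, for example `tcpdump -n -e -ttt -l -i pflog0 | summarize_pflog 10.0.0.5`, with the tally printed once the capture is stopped.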