LinuxQuestions.org - OpenBSD blocks every packets

- *BSD (https://www.linuxquestions.org/questions/%2Absd-17/)

- - OpenBSD blocks every packets (https://www.linuxquestions.org/questions/%2Absd-17/openbsd-blocks-every-packets-669089/)

OpenBSD blocks every packets

I installed OpenBSD 4.2 to use as a router. I followed every setup steps:
pf=YES
sysctl net.inet.ip.forwarding=1
dhcpd.conf
hostname.if (rl0 and bm0)

From the lan I get an ip from OBSD and I can ping the router.
From OBSD I get an ip from my ISP and I can ping www.google.ca.
Now, even with the simplest pf rules:
block in all
pass out all
I get nothing from the lan to the net, nothing goes through the router.

Does anyone have any idea what might be wrong?

Is the LAN subnet different from the one you get from your ISP? If so, you need to enable NAT on OpenBSD as anything from your LAN is going to go to your ISP with a non-routable source IP address.

try:

Code:

ext_if=rl0

int_if=bm0

nat on $ext_if from $int_if:network to any -> ($ext_if)

Of course, all this is explained in the documentation, which you really should read:
http://www.openbsd.org/faq/pf/nat.html

PS oh, of course nothing is getting passed. You're blocking all packets going into bm0 and rl0 (and actually, lo0 too), and you're only passing packets out of the interfaces. Since the only packets that go out and interface before they go in are packets from the machine itself, that's the only traffic that's getting out. Traffic from your LAN has to go in your internal interface before it goes out your external interface.

Really, read the FAQ.