LinuxQuestions.org
Old 09-10-2008, 11:51 PM   #1
mixtr
Member
 
Registered: Jul 2004
Location: Ottawa
Distribution: Arch, OpenBSD
Posts: 123

Rep: Reputation: 17
OpenBSD blocks every packet


I installed OpenBSD 4.2 to use as a router. I followed every setup step:
pf=YES
sysctl net.inet.ip.forwarding=1
dhcpd.conf
hostname.if (rl0 and bm0)

From the LAN I get an IP from OBSD and I can ping the router.
From OBSD I get an IP from my ISP and I can ping www.google.ca.
Now, even with the simplest pf rules:
block in all
pass out all
I get nothing from the LAN to the net; nothing goes through the router.

Does anyone have any idea what might be wrong?
 
Old 09-11-2008, 12:17 AM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Is the LAN subnet different from the one you get from your ISP? If so, you need to enable NAT on OpenBSD as anything from your LAN is going to go to your ISP with a non-routable source IP address.

Try:
Code:
ext_if=rl0
int_if=bm0
nat on $ext_if from $int_if:network to any -> ($ext_if)
Of course, all this is explained in the documentation, which you really should read:
http://www.openbsd.org/faq/pf/nat.html

PS oh, of course nothing is getting passed. You're blocking all packets going into bm0 and rl0 (and actually, lo0 too), and you're only passing packets out of the interfaces. Since the only packets that go out an interface before they go in are packets from the machine itself, that's the only traffic that's getting out. Traffic from your LAN has to go in your internal interface before it goes out your external interface.

Really, read the FAQ.

Last edited by chort; 09-11-2008 at 12:19 AM.
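
The two points in the reply above (NAT for the LAN subnet, and letting LAN traffic in on the internal interface) combined into one minimal pf.conf, as an added example that is not part of the original thread. It assumes OpenBSD 4.2 syntax and the interface roles from chort's snippet (rl0 external, bm0 internal); the `set skip` line and the final `pass in` rule are assumptions about what the poster wants, not rules quoted from the thread.

```conf
# /etc/pf.conf -- added example, OpenBSD 4.2 rule syntax
# Interface names come from the thread; swap them if your cabling differs.
ext_if = "rl0"          # faces the ISP
int_if = "bm0"          # faces the LAN

# The original "block in all" also filtered loopback; exempt it.
set skip on lo

# Translation rules must come before filter rules in this pf version.
# Rewrites LAN source addresses to whatever address $ext_if currently holds;
# the parentheses make pf track the address if the ISP lease changes.
nat on $ext_if from $int_if:network to any -> ($ext_if)

# --- Original ruleset from the first post (kept as the default policy) ---
# pf is last-match-wins, so these only apply when nothing below matches.
block in all
pass out all

# --- The missing rule ---
# A forwarded packet is filtered twice: "in" on $int_if, then "out" on
# $ext_if. With only the two rules above it is dropped at the first step,
# while traffic generated by the router itself only ever goes "out".
# pass rules keep state by default on this release, so replies coming back
# in on $ext_if match the state entry and are not hit by "block in all".
pass in on $int_if from $int_if:network to any
```

Parse the file without loading it using `pfctl -nf /etc/pf.conf`, then load it with `pfctl -f /etc/pf.conf` and confirm what is active with `pfctl -sn` (translation rules) and `pfctl -sr` (filter rules).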
 
  

