Right now I'm browsing on lynx. I am building a gateway/nat/firewall
on my mini OpenBSD box. I need a little help on this, I'm a bit stuck.
I've consulted the manual pages about 1,000 times and refered to a few
sites online. Hope no one minds giving me a hand =)

Alright on with my problem. I've been currently attempting to build
an OpenBSD (3.6) firewall. The firewall is intended to be a Gateway /
Firewall for my LAN.

I've been having a few problems with what I'm pretty sure seems to be
the DNS (supposed to be obtained automatically). While using the
router I was checking the DHCP-client end of it to see the
assignments matched the ones that I had on my OpenBSD box.
They didn't match. Not even the IP matched. It's odd because when
ever I tried to manually set the address to the former (set the ip
as seen when using the router), it didn't work. Although when I just
allowed dhclient to auto-fetch everything, it worked... the one
problem is my LAN though. No one on the LAN is able to get online.
I enabled net.inet.forward=1 (I'm going by memory with the names in
sysctl.conf). Then just to test I enabled pf, configured pf.conf
with the lines reading: (I'm going by mem. again somethings might be
a little goofy.)
ext_if = "xl0"
int_if = "rl0"

## Trafficing
scrub in fragment reassemble all

## NAT
nat on $ext_if from 192.168/24 to any -> $ext_if

## Filter
pass all # To test.

I can't really say as to where I messed up... if anyone wants all
of the configuration files, I'll just upload them.

Oh yeah forgot to add...
IP for OpenBSD box: 192.168.0.1 (rl0)
Subnet-mask: 255.255.255.0 (rl0)
Broadcast-address: 192.168.0.255 (rl0)# I think this is the odd part...

Netmask... or maybe broadcast-addr. Maybe it's even the DNS...
actually I think the DNS is 192.168.0.1, so this might be the problem.

Once again, thanks guys.

Well it's rather hard to tell from your post whether you're trying to configure a static IP on a DHCP-enabled segment, or if you are attempting to use DHCP for your external address, so perhaps you could clarify that.

One thing to note is that the syntax (interface) means "the current IP of interface", which is required if you're using interfaces that get their IP from DHCP. If your external IP is assigned by DHCP, then you need to change
nat on $ext_if from 192.168/24 to any -> $ext_if
to
nat on $ext_if from 192.168/24 to any -> ($ext_if)

Also, how are you assigning your internal IPs, gateway, and DNS settings? OpenBSD won't assign DHCP leases unless you explicitly configure DHCPd. You could of course manually assign values to your internal hosts, but it doesn't sound like you know what values to assign.

For the internal IP addresses, I'm attempting to use DHCPD. I have it
setup so that they at least obtain an IP address out of the, "pool" of
IP addresses (192.168.0.2 through 192.168.0.24). I think you're right
though. I actually do think I'm getting myself caught up into trying
to assign a static IP to a DHCP IP. I'm pretty confused myself since
the ones on the network that obtain their IP address, they can connect
to only the OpenBSD gateway. That's it. When I checked the states
on pfctl -s state. I would see output that looked like...

xxx.xxx.xxx.xxx(Internal net):xx(port) <- xxx.xxx.xxx.xxx(person on network)
Then it would say on the far right some kind of message of what it
was doing. Wether it would be established or what not. Although it
wouldn't ever show anything from the LAN connecting to the external
NIC. So I think I am doing something wrong with the assignments of
the IP addresses. Any more suggestions?

Thanks for the response by the way.

I don't think I'll need to post on this thread anymore. I just found on this forum (*BSD section), a thread of a person that's practically in my boat. =) I guess I didn't look everywhere then. I'll post there.

No, you're extremely confused because you do not have the same problem that rcottere has.

If your internal machines are getting an IP from DHCP and you can see their state established in PF, then things are mostly setup correctly. I still think you don't have your client DNS settings right. You won't be able to resolve the addresses of anything on the Internet if your DNS settings are incorrect.

Ouch. Yeah then that might (or is) my problem. You know anyway to fix this? I'm pretty unsure as to where OpenBSD houses the configuration. I'll try to figure it out, if anyone responds thanks ahead of time.