Re: Help! pf.conf

["KoAps" <koaps@g3k.cc>]

Do you have these lines?

pass out on ext_if proto tcp all modulate state
pass out on ext_if proto udp all keep state



----------
-L8rs
KoAps

55 20 52 20
57 68 61 74
20 55 20 44
6F 21
----- Original Message -----
From: "Jenkins, Curtis" <cjenkins@epri.com>
To: <misc@openbsd.org>
Sent: Tuesday, March 12, 2002 11:02 AM
Subject: Help! pf.conf


> Hi,
>
> I'm new to OpenBSD, been working with it for two months trying to figure
it
> out. Got as far as every thing working exsept for pf.conf rules. It passes
> data but will not resolve dns. I have my ISP dns server as the dns server
to
> use. I have gone through all the man, faq pages and even sherch Google for
> info, that is how I got this far. I need to know if any can see anything
> wrong with my pf.conf file. I did it the long way for now, will compack it
> later wance I know more about it.
>
> Thanks
>
> Ext = "de0" #External Interface
> Int = "de1" #Internal Interface
>
> #Normalization of packets
> scrub in all
>
> #Don't let anyone spoof non-routable addresses
> block in quick on $Ext inet from 127.0.0.0/8 to any
> block in quick on $Ext inet from 192.168.0.0/16 to any
> block in quick on $Ext inet from 172.16.0.0/12 to any
> block in quick on $Ext inet from 10.0.0.0/8 to any
> block out quick on $Ext inet from any to 127.0.0.0/8
> block out quick on $Ext inet from any to 192.168.0.0/16
> block out quick on $Ext inet from any to 172.16.0.0/12
> block out quick on $Ext inet from any to 10.0.0.0/8
>
> #Lock down with defalt deny
> block in quick on $Ext inet from any to any
>
> #Let internal network traffic out
> pass out on $Ext inet from any to any keep state