Re: PF and NAT (simple) -(solved)
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: PF and NAT (simple) -(solved)
- From: "Fehmi Noyan Isi _EEE01" <fni18444_(_at_)_mail2_(_dot_)_gantep_(_dot_)_edu_(_dot_)_tr>
- Date: Sat, 9 Oct 2004 18:50:27 +0300
OK, the problem is solved by setting the DNS server address of the machines
included in the LAN manually.
Thanks to all the people for the advice and help...
On Sat, 9 Oct 2004 00:16:53 +0300, Fehmi Noyan Isi _EEE01 wrote
> OLD MESSAGE
> Read this if you did not read it before.
> ######################################################
> hi
>
> System : OpenBSD 3.5 GENERIC i386
>
> I am trying to connect my PCs to net over an OpenBSD NAT gateway.
> There are two ethernet interfaces on my openbsd box. external is
> "vr0" (which is connected to internet) and internal is (which is
> connected to switch) "rl0".
>
> # echo dhcp > /etc/hostname.vr0
> # echo "inet 192.168.0.1 255.255.255.0 NONE" > /etc/hostname.rl0
> (I also tried 192.168.0.0!)
> then edited /etc/sysctl.conf, /etc/pf.conf and /etc/rc.conf files
> and added the lines below
>
> in /etc/sysctl.conf
> ----------------------
> net.inet.ip.forwarding=1
>
> in rc.conf
> ------------
> pf=YES
>
> in pf.conf
> ------------
> ext_if="vr0"
> int_if="rl0"
>
> nat on $ext_if from $int_if:network to any -> ($ext_if)
>
> And the output of my "pfctl -sn" is
> nat on vr0 from inet 192.198.0.0/24 to any -> (vr0)
>
> I can connect to internet with my openbsd box. And ping the other
> machine on my network (and also to another machine on the internet).
> But other machine (which I pinged before) cannot connect to internet!
> What is wrong?
> Is there a problem with IP address of rl0? If I use dhcp for rl0,
> but interface cannot get the IP addresses (I know from output of
> "ifconfig -a" and "errors given by PF")
>
> Thanks for your advice...
>
> ####################################
> END OF OLD MESSAGE
>
> /etc/pf.conf
> -------------------
> ext_if="vr0"
> int_if="rl0"
>
> nat on $ext_if from $int_if:network to any -> ($ext_if)
>
> pass out on $ext_if from $int_if:network to any keep state
> pass in on $ext_if from any to $int_if:network keep state
> ---------------------------------------------------------------
>
> Here I should add something. The "pass" lines have just been added.
> So, when I sent the first message, the "pass" lines were not present
> (I know this is foolish! :( ) I also used "any" instead of
> "$int_if:network". Nothing changes!
>
> IP of ext ethernet interface : successfully given from DHCP
> IP of int ethernet interface : 192.168.0.1/24 (from /etc/hostname.rl0)
>
> The assigned IP of other machine in my LAN : 192.168.0.165
> Gateway for other machine in my LAN : 192.168.0.1 (my int card)
>
> The system is rebooted several times for different trials.
> I can ping other machine in my network and also it can ping me
> successfully. But it cannot reach any web page! And also, he cannot
> view me from "my network places"!.
>
> The other file configurations can be seen from the "OLD MESSAGE".