[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: vnc and pf
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: vnc and pf
- From: Jason Opperisano <opie_(_at_)_817west_(_dot_)_com>
- Date: Tue, 28 Dec 2004 12:22:47 -0500
- Cc: Jayel Villamin <jarthel_(_at_)_gmail_(_dot_)_com>
On Tue, 2004-12-28 at 11:57, Jayel Villamin wrote:
> I have been looking at this tcpdump log for the last hour.
> 03:26:46.533038 192.168.1.2.1115 > 192.168.2.2.5905: S
> 111902708:111902708(0) win 65535 <mss 1460,nop,nop,sackOK> (DF)
> I have 2 subnets behind my obsd firewall. 192.168.1.0/24 and 192.168.2.0/24.
> as can be seen in the log, I'm trying to connect (via VNC) from
> 192.168.1.2 to 192.168.2.2. But every time I try it, PF blocks the
> connection which is correct cause the first packet filtering rule is a
> "block log all".
> I have tried numerous rule combo without much luck. I am not an expert
> with tcp internals so I really really appreciate if you could write
> the rule for me. Thanks :)
have you looked through:
and also: man 5 pf.conf
in the spirit of the season:
pass inet proto tcp from 192.168.1.2 to 192.168.2.2 port = 5905 \
flags S/SA keep state
"Oh, so they have internet on computers now!"
Visit your host, monkey.org