I just read over my first post; a note would be that it does work perfectly outbound, the only thing not working is ICMP and UDP inbound.

On 5 April 2017 at 10:34, Paul Webster <[email protected]> wrote:
> Thank you for the fast reply Mark, here is a list of interfaces with their
> relative ips:
>
> GW1(local lan gateway):
> lo0: 127.0.0.1 ::1
> igb0: 86.5.192.180 (public_ip)
> igb1: 172.31.33.1/24 (private lan)
> msk0: unused/192.168.0.1
> tun0: 172.19.20.2
> gre0: 10.0.0.1 (via igb0)
>
> GW2(vps remote gateway):
> lo0: 127.0.0.1 ::1
> vio0: 185.157.232.30
> gre0: 10.0.0.2 (via vio0)
>
> Xbox1 ( GW1[igb1->gre0] -> GW2[gre0->vio0] ):
> lo0: 127.0.0.1 ::1
> vtnet0: 172.31.33.254
>
> NOTE: xbox1 in this case is really freebsd 12-current with the forced ip
> 172.31.33.254, because xbox really is too restrictive for debug purposes,
> all it requires is that I set the correct dhcp-host on GW1 to make the
> xbox1 172.31.33.254 though.
>
> Also the $localnet is really { 172.31.33.2-200 } so when the XBOX is
> 172.31.33.254 it is not going out via primary NAT rule it is instead
> getting caught by
>
> pass in quick on $int_if from $josh_xbox rtable 1 # Swap packets from the xbox to fib1 routing table
>
> and the corresponding NAT further up the ruleset, the 'default route' of
> 'fib 1' is 10.0.0.2
