I apologize for the confusion but didn't realize that my question wasn't clear enough!
Well, the whole story was to have a server in the LAN (actually a range of servers!) where only NAT and no firewall had to be enabled. Users from Internet should have full access to all the ports of these servers! Probably, from a design point of view, I had to create a separate LAN (an extra NIC on my OpenBSD box) and connect all these 'weird' machines to this subnet? In any case I would like to thank the people in the list who took the time to correct my faulty rdr rule in the pf.conf. George On Saturday 14 May 2005 23:42, Jason Dixon wrote: > On May 14, 2005, at 5:25 PM, GV wrote: > > Hi, > > > > I have a situation where an internal (located in a LAN and behind a > > OpenBSD > > firewall/NAT) has to be fully exposed to the Internet! What's the best > > way to > > acieve that? > > Sorry, your question makes no sense. What are you trying to "achieve"? > Are you asking about the filtering done on the firewall? Tightening > down the users and/or services on the server? Please don't make us > guess. > > -- > Jason Dixon > DixonGroup Consulting > http://www.dixongroup.net
