Thanks Your guide learn me many thing .my experience with FreeBSD and OpenBSD is good .but my experience with FreeBSD is much better . In work place I run FreeBSD server for Samba and NAT and this server work good and work like charm , but I do not know why PF does not work good , if you see my conf , you see my conf does not has problem , but I do not know why this conf does not work good , and sometimes some users do not have internet and can not browse webpage but they can chat with messenger . I want migrate from FreeBSD to OpenBSD , yesterday I install OpenBSD 5 amd64 and run samba server with OpenBSD and it work good . In first step I run samba server with OpenBSD , and after this I want run NAT server with OpenBSD . And for start I want understand , is my PF.conf work in OpenBSD or no ? I hate Windows OS , and want only run all of my servers with BSD, specially OpenBSD. Thanks in advance On Nov 8, 2011 5:32 PM, "David Walker" <[email protected]> wrote:
> Mostaf Faridi <mostafafaridi () gmail ! com> wrote: > > My problem is this I do not enough time to start from scratch and make > new > > rule . > > If you were moderately familiar with OpenBSD you could have, in the > time between the start of this thread and now, read pf.conf for > OpenBSD 5.0 and written on paper or wherever a complex ruleset. > If your boss won't allocate time for this and expects you to outsource > it to the web and whatever then he's doing it wrong. > You don't have a good enough familiarity with OpenBSD (or FreeBSD) to > know where to start. Right? > > If you do plan to migrate then you should build a machine, install > OpenBSD 5.0, write a ruleset and test it. > In your workplace, testing may mean swapping the machines until > everyone complains and you swap them back and try again but doing it > the way you're doing it now (no experience, asking for copy and paste > administration, no testing) is wrong. > > > in my work place , my boss find another person can do internet > > sharing with Windows 2008 and ISA and this person say he can make best > > internet sharing server > > So you want pf on OpenBSD and don't want to see a Windows machine ... > ... but you're not interested in reading about pf on OpenBSD ... > > Who's running the current FreeBSD machine? > How come they can't understand it? > Why not troubleshoot that? > Etcetera ... > How will swapping to a new operating system be better than using the > current one which almost works? > > If you want to stay with FreeBSD you should at a minimum understand > your current ruleset (removing any non-essential lines might be a good > start) if you want to get help on it. Again though you're in the wrong > place. > Can you explain what every line in the pf.conf you sent is for? > If not, find out, if it does nothing, delete it, whatever. > > Describe your network, do you have issues with DNS, do you have a http > proxy, what tests have you done from clients, etcetera ... > Have you looked here: > > http://www.freebsd.org/cgi/man.cgi?query=pfctl&sektion=8&manpath=FreeBSD+8.2-RELEASE > So on and so forth. > > Under those circumstances, maybe Windows is the better choice. > Certainly without any relevant OpenBSD experience you're better off > with FreeBSD right? > > > I said before my my pf.conf in FreeBSD work good , but sometimes some > user > > lost internet and they can not browse web pages , but they can chat with > > paltalk , after reboot or disbable or enable PF this problem solve . > > Fine. > You have choices. > > Fix your current setup which should involve reading the FreeBSD > pf.conf documentation and talking to people on the FreeBSD lists. > Goodbye. > > Build an OpenBSD machine, in which case, talk to you when you've got a > machine running and you have some more appropriate questions. People > will help you. > > Either way you're should be willing to invest time and if you won't do > that on your own and your boss doesn't want you to do it in work time > then let the Windows people worry about it. Good times. > > Best wishes.
