On Sun, Oct 23, 2016 at 4:46 PM, Thuban <thu...@yeuxdelibad.net> wrote:
> Here are the relevant parts of my pf.conf :
>
> ext_if = "re0"
> tcp_pass = "{ gopher ipp 8000 }"
> udp_pass = "{ 1194 }"
>
> pass in quick on $ext_if proto tcp to any port $tcp_pass keep state
> pass in quick on $ext_if proto udp to any port $udp_pass keep state
>
> pass out on $ext_if from 10.8.0.0/24 to any nat-to $ext_if
>
> pass out on $ext_if proto { tcp udp icmp } all modulate state
Do you have rules that allow traffic in from tun0? Something like:
pass in quick on tun0 keep state
Otherwise traffic will reach OpenVPN but get no further, being blocked
coming out of the tunnel.
-ken
