Sorry for that is was a problem of the soft I use to dump the packets. It has done something wrong with the rpobes and crashed PF somehow.
Reboot solved it. Regards. 2009/8/9 Jean-Frangois SIMON <jfsimon1...@gmail.com> > Hi > > I did something wrong is doing networks change yesterday and now the sub > network has no internet access anymore. This scheme below used to work very > well. > > I am struggling in order to find why packets from the sub network do not > reach anymore the DSL box ? > > Please could you indicate where to look. > > - The OpenBSD box has access to internet (lynx works to access the web). > - from the sub net I can ping 10.0.1.1 and 192.168.0.10 but not 192.168.0.1 > - PF does not block the packets from 10.0.1.* to 192.168.0.1 > - with tcpdump I can see that packets are not forwarded to ext_if when they > need to reach 192.168.0.1 > - The pf.conf rules have not changed therefore should not be the problem > here > - route default is set to 192.168.0.1 > - subnet machines are set correctly (as before when it worked) > > Subnet machines > 10.0.1.* > > 10.0.1.1 int_if > OpenBSD firewall using NAT rules > 192.168.0.10 ext_if > > ADSL box > 192.168.0.1 > > Internet
