On 2009-08-09, Jean-Frangois SIMON <[email protected]> wrote: > Sorry for that is was a problem of the soft I use to dump the packets. > It has done something wrong with the rpobes and crashed PF somehow.
can you repeat this? please try and give some more details. > > Reboot solved it. > > Regards. > > 2009/8/9 Jean-Frangois SIMON <[email protected]> > >> Hi >> >> I did something wrong is doing networks change yesterday and now the sub >> network has no internet access anymore. This scheme below used to work very >> well. >> >> I am struggling in order to find why packets from the sub network do not >> reach anymore the DSL box ? >> >> Please could you indicate where to look. >> >> - The OpenBSD box has access to internet (lynx works to access the web). >> - from the sub net I can ping 10.0.1.1 and 192.168.0.10 but not 192.168.0.1 >> - PF does not block the packets from 10.0.1.* to 192.168.0.1 >> - with tcpdump I can see that packets are not forwarded to ext_if when they >> need to reach 192.168.0.1 >> - The pf.conf rules have not changed therefore should not be the problem >> here >> - route default is set to 192.168.0.1 >> - subnet machines are set correctly (as before when it worked) >> >> Subnet machines >> 10.0.1.* >> >> 10.0.1.1 int_if >> OpenBSD firewall using NAT rules >> 192.168.0.10 ext_if >> >> ADSL box >> 192.168.0.1 >> >> Internet
