Hi all,
I have a dyndns.org address. It works fine, but I'm having problems
looking at it from inside my LAN. I have the pf.conf and nat.conf as
below, running on OpenBSD 3.1 base.
When I try to go to my dyndns address I get a connection refused. But
if I try to go to the same address via www.anonymizer.com it works, so
I'm figuring my own firewall is doing something to stop me.
Any hints or URLs?
pf.conf
------ cut here ------
ExtIF="ne3" # External interface
InternalNet="192.168.0.0/24" # Internal network
NoRouteIPs="{ 127.0.0.1/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8, \
0.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, 204.152.64.0/23, 224.0.0.0/3 }"
# Normalize packets
scrub in all
# Block bad IPs in/out
block in quick on $ExtIF from $NoRouteIPs to any
block out log quick on $ExtIF from any to $NoRouteIPs
# Drop all Kazaa packets without log
block in quick on $ExtIF inet proto tcp from any to any port = 1214
block in quick on $ExtIF inet proto udp from any to any port = 1214
# Allow incoming web traffic
pass in log quick on $ExtIF inet proto tcp from any to any port = 80 flags S/SA
# Block all other incoming external traffic
block in log quick on $ExtIF from any to any
# Pass all outgoing traffic, and keep state
pass out on $ExtIF proto tcp from any to any keep state
pass out on $ExtIF proto udp from any to any keep state
------ cut here ------
nat.conf
--------
# outgoing traffic
nat on ne3 from 192.168.0.0/16 to any -> ne3
# incoming web traffic
rdr on ne3 from any to any port 80 -> 192.168.0.1 port 80
Thanks in advance
--
Anders Jarnberg in Stockholm, Sweden
Running SuSE 8.0, KDE, Sylpheed and
listening to Massinova with xmms