I'm trying to pass SMB traffic across an internal bridge, but my OpenBSD 3.3 gateway isn't NAT'g the broadcast traffic. I have an internal network comprised of a wireless Tablet PC, a Linux/Samba fileserver, and some inconsequential client workstations.
The Tablet is using a VPN tunnel (SSH Sentinel) to pass all wireless traffic via IPsec to the OpenBSD/PF gateway. The gateway bridges wi0 to ne3, which is the default gateway for all traffic on 192.168.0.0/24. The idea is to encrypt all traffic from the Tablet to the gateway a) outbound to the internet, and b) bounced inbound to the Linux server.

I've added the following NAT rule, which successfully bounces traffic from the Tablet to the Linux server:

    nat on $int_if from $int_net to $int_net -> ($int_if)

(Note: The reason for this, rather than a host-to-host tunnel, is that Sentinel keeps sending host-to-host traffic out the default tunnel. Rather than continue to fight it, I'm going to work with it.)

I've tested all manner of normal traffic, and everything works great. I can ping, ssh, even browse SMB *explicitly* by IP address. However, if I try to use typical SMB/NMB browsing, the gateway refuses to forward packets destined for 192.168.0.255.

Is this a feature/bug of OpenBSD, or am I forgetting some simple truth regarding IP networking?

-- 
Jason Dixon, RHCE
DixonGroup Consulting
http://www.dixongroup.net
