Hi,

Since I have set up pf I cannot reach the local ssh server anymore. The rules I have are pretty simple:

-----------------------------
if_ext="xl0"
if_srv="xl1"
if_users="xl2"

ip_ext="w.x.y.z"
ip_http="192.168.0.2"
ip_user1="192.168.1.2"

rdr on $if_ext proto tcp from any to $ip_ext port 80 -> $ip_http
rdr on $if_ext proto udp from any to $ip_ext port 6502 -> $ip_user1

nat on $if_ext from 192.168.1.0/24 to ! 192.168.1.0/24 -> $ip_ext

block in on $if_ext
pass on $if_users
pass on $if_srv
pass on lo0
pass in on $if_ext proto tcp from any to $ip_ext port 22 keep state
----------------------------

Traffic (surfing etc.) from the internal network ($if_users) works fine. But when I try to connect to the sshd daemon on the firewall, it does not respond. The incoming traffic (port 80/tcp and port 6502/udp) does not pass the firewall. The ssh daemon is up and running, listening on port 22/tcp. I have 4 IPs assigned to the external interface ($if_ext).

What am I doing wrong?

Thanks,
Bruno
