On Jul 31, 2004, at 21:55, Coda Hale wrote:

I had the default route set to the SDSL's router, and the box could access
the internet just fine. Computers on the internal network can see the
router, but nothing goes through.

What does a traceroute from an internal box show? Is there a "!H" or "!N" response from the gateway?


# route everything important through the ADSL line
pass in quick on $int_if route-to ($adsl_if $adsl_gw)\
        proto { tcp, udp } from $int_if to port $adsl_ports

Can you try adding a "keep state" statement on the end?

# route everything not important through the SDSL line (default)
pass in on $int_if proto from $int_if to any

Which protocol are you allowing with this line? Is the above valid syntax? You have the "proto", but you do not specify which one. Also, the comment is misleading: this line is not allowing things *out* of the external interface(s), only telling PF not to nuke the packet as it comes in.


Try commenting out these lines in your pf.conf:

# default policy: block everything in, let everything out
block in
pass out modulate state

If things work, then you may be too strict and not have a rule properly set up to allow things out.


# and send everything that's not TCP or UDP through the SDSL line
pass in on $int_if inet proto { icmp } from $int_if to any

Can you try adding a "keep state" statement on the end?
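
The two points raised in this reply (a `proto` keyword with no protocol after it, and `pass` rules with no state keyword), as an added Python example that is not part of the original message: a small checker run over the rules quoted in the thread. The function names and finding strings are hypothetical, and it checks only these two patterns, not the full pf.conf grammar.

```python
import re

# Constructed sample: the rules quoted in this thread, as posted.
RULES = r"""
pass in quick on $int_if route-to ($adsl_if $adsl_gw)\
        proto { tcp, udp } from $int_if to port $adsl_ports
pass in on $int_if proto from $int_if to any
block in
pass out modulate state
pass in on $int_if inet proto { icmp } from $int_if to any
"""

STATE_RE = re.compile(r"\b(keep|modulate|synproxy)\s+state\b")
# Words that can follow "proto" only if the protocol itself was left out.
NOT_A_PROTOCOL = {"from", "to", "all", "any", "port"}


def logical_lines(text):
    """Join backslash-continued lines, drop comments and blank lines."""
    joined = re.sub(r"\\\s*\n\s*", " ", text)
    for raw in joined.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield " ".join(line.split())


def check_rule(rule):
    """Return a list of findings for one pf rule (hypothetical checks)."""
    findings = []
    tokens = rule.split()
    if "proto" in tokens:
        i = tokens.index("proto")
        nxt = tokens[i + 1] if i + 1 < len(tokens) else ""
        if nxt == "" or nxt in NOT_A_PROTOCOL:
            findings.append("proto without a protocol")
    if tokens[0] == "pass" and not STATE_RE.search(rule):
        findings.append("pass rule without a state keyword")
    return findings


def lint(text):
    """Map each rule that has findings to its list of findings."""
    return {r: f for r in logical_lines(text) if (f := check_rule(r))}


if __name__ == "__main__":
    for rule, findings in lint(RULES).items():
        print(f"{rule}\n    -> {', '.join(findings)}")
```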
