Hi,
You were right, it had to do with my topology. The firewall is working correctly
now.
Thanks again for all your help
On Thu, Mar 26, 2009 at 8:07 PM, Eric Magutu wrote:
> Hi Micheal,
> I was trying to simulate the conditions of the server on a test machine.
> I'm pretty sure now I didn't take into
Hi Micheal,
I was trying to simulate the conditions of the server on a test machine. I'm
pretty sure now I didn't take into account all the network aspects, silly
mistake :-) It's probably my routing. I will check on my routes tomorrow and
get back to you.
I think there is only one active interface
Hello Eric:
Hi everyone,
Can you provide a little more information about your topology? Right now, you
only have one interface defined in your rules, but you are attempting to pass
traffic between two subnets. That would suggest you have two interfaces and,
if so, both need to be accounted
Hi everyone,
Thanks for all your input so far. I have tried to implement all your
suggestions but have gotten stuck. I set up a test machine in the office
with the IP 10.0.0.110 and encountered the following problems:
when I enabled antispoofing the firewall didn't work
when I tried allowing the
I also forgot to mention:
You should probably log your block rule so that you can see what's going on if
things don't work as expected.
So:
block in log on $ext_if
Note the lack of "quick" as well, as previously mentioned.
With logging enabled, provided you have pflog running (which you shoul
I forgot to mention...
You have something like
pass in/out on lo0
that's not wrong but it's not the way to do it
set skip on lo0 # is the right way
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/
Also, it would be a good idea to go through the pf manual at least once.
I don't see any scrub or options or timeout periods (fine tuning).