Hello,
I recently installed 4.3 (previously using 3.8).
Here's my issue:
My wife is a medical transcriptionist via an SQL server over the internet
(through the OpenBSD firewall).
With OpenBSD 3.8 she can do her work just fine.
With 4.3, pf seems to be blocking the SQL server from uploading the document
templates to her computer and doesn't allow the dictation stream in.
Can anyone tell me what changes (other than keep state and flags S/SA) were
made to pf and how to counteract them? The ruleset I'm using is as follows:
ext_if="em1"
int_if="em0"
set skip on { lo $int_if }
scrub in
nat on $ext_if from !($ext_if) -> ($ext_if:0)
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
block in
pass out keep state
pass quick on $int_if
antispoof quick for { lo $int_if }
pass in on $ext_if proto tcp to ($ext_if) port ssh keep state
pass in inet proto icmp all icmp-type echoreq keep state
pass in on $ext_if proto tcp to ($ext_if) port 8080 keep state
Thank you
Craig