Date: Wed, 23 Jan 2019 18:19:32 -0500 From: "James B. Byrne" <byrnejb@harte-lyne.ca> To: freebsd-questions@harte-lyne.ca Subject: PF filter rule for LAN to LAN ssh traffic Message-ID: <1bdea92a0cedc17cc49187c01d49b94f.squirrel@webmail.harte-lyne.ca>
next in thread | raw e-mail | index | archive | help
What is the PF filter rule to permit ssh between hosts on the LAN side
of a gateway firewall? When I ssh to a host the intitial connection
works fine. But, after a few seconds the session becomes
non-responsive and is eventually dropped with this message
Fssh_packet_write_wait: Connection to 192.168.216.18 port 22: Broken pipe
I tried various formulations of this:
pass in log on $int_if \
from $int_if:network \
to $int_if:network keep state
pass out log on $int_if \
from $int_if:network \
to $int_if:network keep state
None of which worked.
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1bdea92a0cedc17cc49187c01d49b94f.squirrel>