Date:      Tue, 15 May 2007 21:51:10 -0400
From:      "Ansar Mohammed" <ansarm@gmail.com>
To:        <freebsd-questions@freebsd.org>
Subject:   PF Weirdness
Message-ID:  <000f01c7975c$ae855eb0$0105a8c0@northamerica.corp.microsoft.com>

Hello All,

See the following pf.conf file; weirdness abounds since I cannot connect
to the internal host "antares" from only some remote networks behind
firewalls. Funny enough I thought it was an MTU issue so I dropped max-mss
all the way down to 700 but still to no avail. 
Any ideas?


ext_if="tun0"   
int_if="rl0"  
internal_net="192.168.2.0/24"
external_addr="10.248.190.95"
internal_addr="192.168.2.1"

#IP Address Assignments
ip121_addr="10.248.188.121"

#Internal Host Assignments
antares="192.168.2.10"
www="192.168.2.3"
mail="192.168.2.13"

scrub in all max-mss 1400

rdr on $ext_if proto tcp from any to ($ext_if) port 80 -> 192.168.2.3 port 80
rdr on $ext_if proto tcp from any to ($ext_if) port 25 -> 192.168.2.13 port 25
binat on $ext_if from $antares to any -> $ip121_addr
nat on $ext_if from $internal_net to any -> $external_addr

block in log all
pass in on $int_if from $internal_net to any  keep state
pass out on $ext_if from $external_addr  to any keep state
pass in on $ext_if inet proto tcp from any to $external_addr port 22 keep state
pass in on $ext_if inet proto tcp from any to $www port 80 keep state
pass in on $ext_if inet proto tcp from any to $mail port 25 keep state
pass in on $ext_if inet proto tcp from any to $antares  port 22 keep state






