Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 13 Nov 2019 00:06:58 +0100
From:      =?UTF-8?Q?Morgan_Wesstr=c3=b6m?= <freebsd-database@pp.dyndns.biz>
To:        freebsd-pf@freebsd.org
Subject:   Re: NAT for use with OpenVPN
Message-ID:  <8ba7182d-8c4e-e10e-467b-6cf447490151@pp.dyndns.biz>
In-Reply-To: <CAMnCm8iZ4iLJYOUFFpoTpF_=9xpG2=MN77xi%2BtGaSqumHeeqkQ@mail.gmail.com>
References:  <mailman.6.1573387200.62111.freebsd-pf@freebsd.org> <80ec074d-7a5d-7016-57e4-f607384d0e20@pp.dyndns.biz> <CAMnCm8iz7DcgTM_tPR5ZGZQwPXXcahVbyqw0Wzufkr93xVszpg@mail.gmail.com> <CAMnCm8jZH8ZULq8CKeZF_t4eBEBH5QAsaPKBtxK0WCWGe_OXDA@mail.gmail.com> <ba536474-57b4-37b0-d076-a1c4561d181e@pp.dyndns.biz> <CAP9XWJm2gAC0VjTejP08X0T8ar_ZS1e7PqjAy8iOMRhfBU_3mA@mail.gmail.com> <6bc9b8ce-3ab3-2b57-510d-67ace0a90259@pp.dyndns.biz> <30f8da8a-de96-f737-fef8-820c6ae2ed16@pp.dyndns.biz> <CAMnCm8i-UOAZoyERUWM%2B38sPvWcwevqM6LBgRGeM8nXjgnbVtQ@mail.gmail.com> <CAMnCm8juj8uPuqfDXWu4rOPjbiK0xrsUUrQn002R639RepQOWg@mail.gmail.com> <7f1fcc2d-4833-7fda-c181-a3d15b16f9ee@pp.dyndns.biz> <CAMnCm8gn3y7ai95%2BtkwdZs2qYndzQaNdpHev4ZdNLyd-bOY4iQ@mail.gmail.com> <0b13ae53-b211-ad2c-1447-225860f73d3a@pp.dyndns.biz> <CAMnCm8jZQi-UKm_-hF8WS0cofq0OWWP_d5No1AbOP8_KgQE5ZA@mail.gmail.com> <baa548e5-7dc3-05cf-0275-902d0193fc21@pp.dyndns.biz> <CAMnCm8iZ4iLJYOUFFpoTpF_=9xpG2=MN77xi%2BtGaSqumHeeqkQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 


On 2019-11-12 23:53, Phil Staub wrote:
> New development:
> 
> In the process of tracking down installation of the DD-WRT firmware, I 
> found out how to get a command line interface to the router. It involves 
> sending a special enable packet to the gateway address and then 
> telnetting into it.
> 
> Though the purpose for doing this was for something else, I figured that 
> since the router runs linux, a shell should get me access to ifconfig 
> and netstat. Here's what I get:
> 

If it runs on Linux I suppose it uses iptables for firewalling and NAT? 
Should be easy to see what the NAT rules look like. Maybe you can simply 
add a NAT rule for 10.8.0.0/24 if it's missing? Probably won't survive a 
reboot but as a workaround it might do? I'm no iptables expert (it's 
black magic compared to pf) but some googling thinks the following 
command should list the NAT rules:

# iptables -t nat -L

/Morgan

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8ba7182d-8c4e-e10e-467b-6cf447490151>