[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NATing gateway which somehow doesn't
* Peter N. M. Hansteen <peter@bryggen.bgnett.no> [030123 20:52]:
> Following a few unfortunate power events (read: Kapow! Zap!), my
> home gateway's disk and power supply gave up the ghost. Well, I
> thought, the machine had been runnining linux (debian), and it
> really was time to migrate to OpenBSD. It looked like a simple
> plan, really:
>
Too bad :(
<snip>
> $ ifconfig xl0
> xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> address: 00:04:76:22:e3:bc
> media: Ethernet autoselect (100baseTX full-duplex)
> status: active
> inet 194.54.107.19 netmask 0xfffffff8 broadcast 194.54.107.23
> inet6 fe80::204:76ff:fe22:e3bc%xl0 prefixlen 64 scopeid 0x1
>
> $ ifconfig xl1
> xl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
> address: 00:10:5a:86:18:2c
> media: Ethernet autoselect (10baseT)
> status: active
> inet 192.168.103.1 netmask 0xffffff00 broadcast 192.168.103.255
> inet6 fe80::210:5aff:fe86:182c%xl1 prefixlen 64 scopeid 0x2
>
<snip>
>
> $ grep -v # /etc/pf.conf
> scrub in all
> nat on xl0 from 192.168.103.0/24 to any -> 194.54.107.17
nat on xl0 from 192.168.103.0/24 to any -> 194.54.107.19
^^
> pass in all
> pass out all
> block in quick on xl0 inet from { 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 } to any
>
<snip>
--
mvh/regards
Stein B. Sylvarnes