[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PF: Blocks my workstation on boot

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: PF: Blocks my workstation on boot
From: "Matthew L. Shobe" <mls_(_at_)_shobe_(_dot_)_org>
Date: Thu, 21 Apr 2005 12:14:23 -0400
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

On Thu, Apr 21, 2005 at 04:48:31AM -0500, Fafa Diliha Romanova wrote:
> I have to write this command on my server after every reboot to allow
> my workstation to access the Internet through it:
> 
> # pfctl -F a ; pfctl -Nf /etc/pf.conf ; pfctl -sr

This stops all packet filtering, probably not what you want.

> My pf.conf looks like this:
> 
> int_if="ep0"
> ext_if="lnc0"
> 
> # *** Default deny policy
> #
> block   drop log all

Here's the problem. You need to either block only on $ext_if or...

> # *** Pass loopback traffic
> #
> pass    quick on lo0 all

Add a pass rule for $int_if.

The PF User's Guide[1] and pfctl(8) will help.

1. http://www.openbsd.org/faq/pf/index.html

References:
- PF: Blocks my workstation on boot
  - From: Fafa Diliha Romanova

Prev by Date: Re: Problem building -current
Next by Date: Re: Problem building -current
Previous by thread: PF: Blocks my workstation on boot
Next by thread: Re: PF: Blocks my workstation on boot
Index(es):
- Date
- Thread

Visit your host, monkey.org