pf nat woes
Richard Nyberg
rnyberg at murmeldjur.se
Sun Sep 4 02:33:09 PDT 2016
Hello users,
I've set up a df4.6 box as an internet gateway and samba fileserver at
home. It gets it's external IP address via dhcp on re0. The problem is
that after this machine has booted, I need to run "rcrestart pf".
Otherwise the machines on the internal network can't access the
internet.
Any thought on this? The servers rc.conf and pf.conf are below.
### pf.conf begin
ext_if="re0"
int_if="em0"
scrub in
nat on $ext_if from $int_if:network -> ($ext_if)
block in
pass out keep state
pass quick on { lo $int_if }
pass in on $ext_if proto tcp to ($ext_if) port ssh keep state
pass in on $ext_if proto { tcp udp } to ($ext_if) port 51403 keep state
pass in on $ext_if proto { tcp udp } to ($ext_if) port 51413 keep state
### pf.conf end
### rc.conf begin
powerd_enable="YES"
dntpd_enable="YES"
samba_enable="YES"
sshd_enable="YES"
dbus_enable="YES"
avahi_daemon_enable="YES"
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_ifaces="em0"
dhcpd_withumask="022"
dumpdev="/dev/serno/S246J90Z339652.s1b"
hostname="gorg.lan"
ifconfig_re0="DHCP"
ifconfig_em0="inet 10.5.2.1 netmask 0xffffff00"
gateway_enable="YES"
pf_enable="YES"
### rc.conf end
Best regards,
-Richard
More information about the Users
mailing list