Need some help with PF rule letting two machines access each other
Mikhail Goriachev
mikhailg at webanoide.org
Fri Jun 9 05:52:50 UTC 2006
Pat Maddox wrote:
> 12.34.56.78 runs a server on port 1234
> 87.65.43.21 should connect to this
>
> Both of them have PF rulesets that block off most traffic, keeping
> open the publicly available ports I need open. In this case though,
> any traffic over this port should only be between these two machines.
> I've tried to set this up, but I keep getting operation not permitted,
> connection refused, and connection reset by peer errors. Thanks for
> any info.
Hi,

This'll do:

EIF=eif # external interface
HOSTA=12.34.56.78 # host A
HOSTB=87.65.43.21 # host B

# These lines go on host A
pass in quick on $EIF from $HOSTB to $EIF port 1234
pass out quick on $EIF from $EIF to $HOSTB port 1234

# These lines go on host B
pass in quick on $EIF from $HOSTA to $EIF port 1234
pass out quick on $EIF from $EIF to $HOSTA port 1234

Put those lines somewhere at the beginning of your pf.conf files. Also,
if I may add, this is very basic and you should consult/read/learn PF's
guide.

Cheers,
Mikhail.
--
Mikhail Goriachev
Webanoide
Telephone: +61 (0)3 62252501
Mobile Phone: +61 (0)4 38255158
E-Mail: mikhailg at webanoide.org
Web: http://www.webanoide.org
PGP Key ID: 0x4E148A3B
PGP Key Fingerprint: D96B 7C14 79A5 8824 B99D 9562 F50E 2F5D 4E14 8A3B
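
A stateful, direction-specific variant of the rules in the reply above, as an added example that is not part of the original message. It assumes the service on port 1234 is TCP and that the external interface is named em0 (the thread states neither); the macro names are also chosen here.

```conf
# Added example (not from the original message). Assumptions: the service on
# port 1234 is TCP and the external interface is em0; substitute your own.
ext_if = "em0"
host_a = "12.34.56.78"   # server, listens on port 1234
host_b = "87.65.43.21"   # client

# --- pf.conf on host A (server) ---
# Admit only the opening SYN from host B; the state entry this creates
# passes the rest of the connection in both directions.
pass in quick on $ext_if inet proto tcp from $host_b to $host_a port 1234 flags S/SA keep state
# Explicitly refuse every other source on this port.
block in quick on $ext_if inet proto tcp from any to $host_a port 1234

# --- pf.conf on host B (client) ---
# Let host B open connections to the service; replies match the state entry,
# so no separate "pass in" rule is needed here.
pass out quick on $ext_if inet proto tcp from $host_b to $host_a port 1234 flags S/SA keep state

# Check on either host:
#   pfctl -nf /etc/pf.conf    parse the ruleset without loading it
#   pfctl -f /etc/pf.conf     load it
#   pfctl -ss                 list state entries once a connection is up
```

Each host's pf.conf takes the macros plus its own section only; because the rules use quick, they must appear before any earlier quick block rule that would otherwise match the same packets.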
More information about the freebsd-questions mailing list