first firewall with pf
emagutu at gmail.com
Fri Mar 27 06:17:25 PDT 2009
You were right, it had to do with my topology. The firewall is working correctly.
Thanks again for all your help.
On Thu, Mar 26, 2009 at 8:07 PM, Eric Magutu <emagutu at gmail.com> wrote:
> Hi Michael,
> I was trying to simulate the conditions of the server on a test machine.
> I'm pretty sure now I didn't take into account all the network aspects,
> silly mistake :-) It's probably my routing. I will check on my routes
> tomorrow and get back to you.
> I think there is only one active interface though.
> On Thu, Mar 26, 2009 at 7:33 PM, Michael K. Smith - Adhost <
> mksmith at adhost.com> wrote:
>> Hello Eric:
>> Hi everyone,
>> Can you provide a little more information about your topology? Right now,
>> you only have one interface defined in your rules, but you are attempting to
>> pass traffic between two subnets. That would suggest you have two
>> interfaces and, if so, both need to be accounted for in your rules below.
>> You'll have to have pass/block rules for both. It looks like this:
>> 172.16.0.0/16 -> le0 <firewall> -> (some other interface) -> 10.0.0.0
>> Could you tell me if that is correct?
>> ----- Original Message Snipped -----
>> Thanks for all your input so far. I have tried to implement all your
>> suggestions but have gotten stuck. I set up a test machine in the office
>> with the ip 10.0.0.110 and encountered the following problems:
>> when I enabled antispoofing the firewall didn't work
>> when I tried allowing the 10.0.0.0 subnet it worked ok but when I tried
>> connecting from machines on the 172.16 subnet I was unable to connect.
>> Can you please let me know what I'm doing wrong?
> Eric Magutu
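An added illustration of the two-interface point raised in the thread (not any poster's actual ruleset): a minimal pf.conf for a firewall forwarding between the two subnets. Only le0 and 172.16.0.0/16 come from the thread; the second interface name em1, the /24 prefix on 10.0.0.0, and the choice of SSH as the permitted service are assumptions.

```conf
# Added example, not from the original thread.
# le0 and 172.16.0.0/16 appear in the thread; everything else is assumed.
if_a  = "le0"              # side facing 172.16.0.0/16
if_b  = "em1"              # hypothetical second interface facing 10.0.0.0
net_a = "172.16.0.0/16"
net_b = "10.0.0.0/24"      # prefix length assumed; the thread gives none

set skip on lo0

# Default deny, logged so dropped packets show up on pflog0.
block log all

# antispoof drops packets that claim a source address inside an
# interface's network but arrive on a different interface.
# It only makes sense once every routed subnet has its own interface here.
antispoof quick for { $if_a, $if_b } inet

# A forwarded packet is filtered twice: inbound on the interface it
# arrives on and outbound on the interface it leaves from.
# Both directions need a matching pass rule or "block all" wins.
pass in  on $if_a inet proto tcp from $net_a to $net_b port 22 keep state
pass out on $if_b inet proto tcp from $net_a to $net_b port 22 keep state

# The same pair for connections that start on the 10.0.0.0 side.
pass in  on $if_b inet proto tcp from $net_b to $net_a port 22 keep state
pass out on $if_a inet proto tcp from $net_b to $net_a port 22 keep state
```

The ruleset can be syntax-checked without loading it using `pfctl -nf /etc/pf.conf`, and the host must also have forwarding enabled (`gateway_enable="YES"` in rc.conf) and correct routes for both subnets.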