PF problem!!!
Peter N. M. Hansteen
peter at bgnett.no
Mon Apr 25 08:18:40 PDT 2005
"Fafa Diliha Romanova" <fteg at london.com> writes:
> My question is: Why do I have to type this after everytime I've rebooted
> to make my NAT gateway server allow Internet access to my workstation?
Your rule set does not contain any rules which let packets pass *in* on
your internal interface.
Remember, pf.conf is seen from the firewall's perspective. traffic
passes IN from elsewhere on either interface to the firewall, OUT to
elsewhere on either interface. You have rules which let traffic pass
in to the firewall on the external interface and out from the firewall
on the external interface, but none which let traffic in on the internal
interface.
--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
More information about the freebsd-questions
mailing list