On 1/10/08, Michal Varga <varga.michal@gmail.com> wrote:
>
>
> On Thu, 2008-01-10 at 12:10 -0500, Rodrique Heron wrote:
>
>
> > Thanks
> >
> > FreeBSD syntax for log all is "log-all", I have no block rules. I am
> > passing everything with.
> >
> > pass in quick all
> > pass out qick all
> >
> ah, I think this may be another problem. Syntax for log (all) really
> *was* log-all, in PF 3.7, that is approximately the version used in
> FreeBSD 6.x. I somehow forgot about this from your first mail. As
> FreeBSD 7 incporporates PF 3.9, things behave a little differently here
> and there. anyway, can you show me the exact PF config you are using
> now, one that you think should work and doesn't?
> >
> >
> >
Sorry for the duplicate, I forgot to CC the list.
Both host are in the same broadcast domain,connected to the same switch.
INTERNET
|
|
PIX Firewall
|
|
SWITCH*---*HOSTA 192.168.2.14
*
|
|
*
HOSTB 192.168.2.27
### /etc/pf.conf
ext_if = "em0"
int_if = "lo0"
host_ip = " 192.168.2.14"
jail_ip = "192.168.2.18"
external_host = "192.168.2.27"
rdr on $ext_if proto tcp from any to $host_ip port 22 -> $external_host port
22
rdr on $ext_if proto tcp from any to $host_ip port 26 -> $jail_ip port 22
pass in quick all
pass out quick all