02-16-2008, 07:02 AM
google@humanprototype.com

Re: Very limited port redirection setup with pf not working

Got it! Has to do with routing, but default gateway didn't help.

I'll explain:

I added the default gw as you suggested, but the web server still had a
way of reaching the client directly (by being in the same 10.4.x.x/16
network) so it never used the default gateway to reach the clients.

However, then I added this:

route add -net 10.4.12.0 netmask 255.255.255.0 gw 10.4.12.142

to force all packages coming from clients, going through the OpenBSD
box, and back to the clients on the web server to use the OpenBSD box
as gateway.

This works, I think, because the route above is more stringent (for a 24-bit
subnet) than the 16-bit network direct route it has, and hence ...
it works - I can go, on my client, to http://10.4.12.142 and see the
web page the same way I can do by going to http://10.4.12.235.

Many thanks for all replies.

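The route selection described in the post above, as an added example that is not part of the original post: a longest-prefix-match lookup over the web server's routing table before and after the `route add`, showing whether a reply to a client passes back through the OpenBSD box so pf can reverse the redirect. The client addresses are constructed, and the default gateway is assumed to be the OpenBSD box (the post does not give its address).

```python
import ipaddress

PF_BOX = "10.4.12.142"   # OpenBSD box doing the redirect (address from the post)
CLIENT = "10.4.12.50"    # constructed client address inside 10.4.12.0/24


def lookup(routes, dst):
    """Longest-prefix match: return (network, gateway); gateway None means on-link."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(net), gw) for net, gw in routes
               if addr in ipaddress.ip_network(net)]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda m: m[0].prefixlen)


def reply_path(routes, client):
    """Classify how the web server's reply travels back to the client."""
    _, gw = lookup(routes, client)
    if gw == PF_BOX:
        return "via-pf"   # pf sees the reply and can rewrite the source address back
    return "direct"       # reply bypasses pf and arrives from the server's own address


# Web server's table before the fix: on-link /16 plus a default gateway
# (assumed here to be the OpenBSD box).
BEFORE = [("10.4.0.0/16", None), ("0.0.0.0/0", PF_BOX)]
# After: route add -net 10.4.12.0 netmask 255.255.255.0 gw 10.4.12.142
AFTER = BEFORE + [("10.4.12.0/24", PF_BOX)]

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER)):
        for dst in (CLIENT, "10.4.99.7"):   # second address: constructed, outside the /24
            net, gw = lookup(table, dst)
            print(f"{name}: {dst} -> {net} gw={gw or 'on-link'} ({reply_path(table, dst)})")
```

Clients elsewhere in 10.4.0.0/16 still match the on-link /16 after the change, so their replies keep bypassing the OpenBSD box unless a route covers them too.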