cod3fr3ak
December 2nd, 2003, 22:58
I am trying to do this:
Protocol: TCP
Listen IP: "unspecified"
Listen port: range 2300 to 2400
Destination IP: the local IP address of the machine you want to connect to MW4
Destination port: range 2300 to 2400
Protocol: UDP
Listen IP: "unspecified"
Listen port: range 28800 to 28912
Destination IP: the local IP address of the machine you want to connect to MW4
Destination port: range 28800 to 28912
I thought all I needed was two rdr rules and two pass in rules. Here is my pf.conf.
[code:1:2e398fdf55]
# Macros: define common values, so they can be referenced and changed easily.
ext_if="sis0" # Untrusted External Interface (from cable modem)
int_if1="sis1" # Trusted Internal Interface (Ethernet)
int_if2="sis2" # Trusted Internal Interface (Ethernet/WiFi)
pvt_net="192.168.0.0/16" # Internal Private Network
# NAT on the External interface:
nat on $ext_if from $pvt_net to any -> ($ext_if)
# Redirects for Mechwarrior
rdr on $ext_if proto tcp from any to $ext_if port 2299:2401 -> 192.168.1.99 port 2299:2401
rdr on $ext_if proto udp from any to $ext_if port 28799:28913 -> 192.168.1.99 port 28799:28913
# Default pf rules, made explicit:
block in on $ext_if all
# Mechwarrior rules
pass in on $ext_if proto tcp from any port { 2299><2401 } to $ext_if port { 2299><2401 }
pass in on $ext_if proto udp from any port { 28799 >< 28913 } to $ext_if port { 28799 >< 28913 }
# Keep states and pass out traffic
block out log on $ext_if all
pass out on $ext_if inet proto tcp all flags S/SA keep state
pass out on $ext_if inet proto udp from any to any port { domain, ntp } keep state
pass out on $ext_if inet proto icmp all keep state
[/code:1:2e398fdf55]
For some reason this is not working. Do I want to pass in from $ext_if to 192.168.1.99 port (etc...)???
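One way to write the redirect and filter rules for the port ranges listed above, as an added example that is not part of the original post. It assumes the old-style `rdr on` syntax used in the post, where translation is applied before filtering, and that no other rules block traffic on the internal interfaces.

```pf
# Added example, not the poster's configuration. Uses $ext_if and the
# 192.168.1.99 host from the post.

# rdr ranges written with ":" are inclusive, so 2299:2401 would also expose
# 2299 and 2401. Redirect only 2300-2400 and 28800-28912. With no port on
# the target, each destination port is left unchanged.
rdr on $ext_if proto tcp from any to $ext_if port 2300:2400 -> 192.168.1.99
rdr on $ext_if proto udp from any to $ext_if port 28800:28912 -> 192.168.1.99

block in on $ext_if all

# By the time a redirected packet reaches the filter rules, its destination
# is already 192.168.1.99, so a rule matching "to $ext_if" never sees it.
# The source port is not constrained: remote clients connect from
# arbitrary ports. "><" is an exclusive range, so 2299 >< 2401 means
# 2300-2400.
# keep state lets the replies from 192.168.1.99 leave through $ext_if even
# though outbound traffic is otherwise blocked ("block out log on $ext_if all").
pass in on $ext_if proto tcp from any to 192.168.1.99 port 2299 >< 2401 flags S/SA keep state
pass in on $ext_if proto udp from any to 192.168.1.99 port 28799 >< 28913 keep state
```

After reloading the ruleset, `pfctl -s nat` and `pfctl -s rules` show the rules as loaded, and `pfctl -s state` shows whether inbound connections are creating state entries.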