Hello everyone!
I have a strange problem with one of the LAN cards in my amd64 box. It has three LAN cards: an old Repotec (rl0) for the connection to my ISP; a Linksys (re0), which carries many aliases and links the FreeBSD box to a switch; and the new, problematic one, an Asus card (stge0).
The issue is that I cannot pass any traffic through stge0, and I can't find the reason why. The card itself works correctly (I've tested it on a Windows machine), so maybe the problem is in my FreeBSD amd64 configuration?
Here is my ifconfig output:
and here is the significant part of my TEST pf.conf:
Please, I'll be glad to receive any help and comments!
I have a strange problem with one of the LAN cards in my amd64 box. It has three LAN cards: an old Repotec (rl0) for the connection to my ISP; a Linksys (re0), which carries many aliases and links the FreeBSD box to a switch; and the new, problematic one, an Asus card (stge0).
The issue is that I cannot pass any traffic through stge0, and I can't find the reason why. The card itself works correctly (I've tested it on a Windows machine), so maybe the problem is in my FreeBSD amd64 configuration?
Here is my ifconfig output:
Code:
[root@hestia ~]# ifconfig
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 02:e0:18:ba:e2:81
ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
lladdr 0.e0.18.0.0.ba.e2.81.a.2.ff.fe.0.0.0.0
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
ether 00:18:f8:0d:8c:ed
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
inet 192.168.10.1 netmask 0xffffff00 broadcast 192.168.10.255
inet 192.168.10.2 netmask 0xffffff00 broadcast 192.168.10.255
inet 192.168.10.3 netmask 0xffffff00 broadcast 192.168.10.255
inet 192.168.10.4 netmask 0xffffff00 broadcast 192.168.10.255
inet 192.168.10.5 netmask 0xffffff00 broadcast 192.168.10.255
inet 192.168.10.6 netmask 0xffffff00 broadcast 192.168.10.255
inet 192.168.10.7 netmask 0xffffff00 broadcast 192.168.10.255
inet 192.168.10.8 netmask 0xffffff00 broadcast 192.168.10.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
stge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 48:5b:39:bc:94:fb
inet 192.168.0.2 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (none)
status: no carrier
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:80:1e:13:0b:0f
inet my-ip-here netmask 0xffffff00 broadcast ip-here
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33152
and here is the significant part of my TEST pf.conf:
Code:
# Test pf.conf excerpt: macros, tables, normalization (scrub) and NAT only.
# The rdr and filter (pass/block) rules are not part of the post, so what is
# actually reachable from outside cannot be judged from this excerpt.
# NOTE(review): the ifconfig output posted with this ruleset shows stge0 with
# "media: Ethernet autoselect (none)" and "status: no carrier", i.e. no link
# is detected on that port. Without carrier nothing is sent or received on
# the interface regardless of this ruleset, so cable / switch port / media
# negotiation should be checked before pf.
##############################
### INTERFACES ###############
# External interface (ISP uplink)
ext_if = "rl0"
# Internal interface - Router (link to the switch; also carries the
# 192.168.10.x aliases used as jail addresses below)
int_rt_if = "re0"
# Internal interface (the new card that passes no traffic)
# NOTE(review): per the posted ifconfig, re0 (192.168.0.1) and stge0
# (192.168.0.2) are both in 192.168.0.0/24. Two NICs in one subnet normally
# share a single connected route, so traffic for that network may leave via
# re0 instead of stge0 - confirm the addressing plan.
int_pc_if = "stge0"
# Loopback interface
lob_if = "lo0"
# All interfaces: list built from the four macros above, so it includes the
# loopback and both internal NICs as well as the external one
all_if = "{" $ext_if $int_rt_if $int_pc_if $lob_if "}"
##############################
### IP #######################
# External IP address (redacted by the poster)
ext_ip = "my-ip-here"
# Internal interface (router) address
int_rt_ip = "192.168.0.1"
# Internal interface (PC) address
int_pc_ip = "192.168.0.2"
# Server [Jail] IP address
srv_ip = "192.168.10.1"
# Service [Jail] IP address
src_ip = "192.168.10.2"
# Test [Jail] IP address
tst_ip = "192.168.10.3"
# Users [Jail] IP address
usr_ip = "192.168.10.6"
# Development [Jail] IP address
dev_ip = "192.168.10.7"
# Access point [WiFi AP/Router] IP address
acp_ip = "192.168.0.15"
# Laptop IP [wired connection]
lpt_ip = "192.168.0.16"
##############################
### TEMP #####################
# Protocol list for rules that should match both TCP and UDP
protos="{ tcp udp }"
##############################
### PORTS ####################
# Each *_int_port macro simply reuses its *_ext_port value, i.e. the same
# port number is intended on the outside and on the inside.
# HTTP daemon ports
httpd_ext_port = "80"
httpd_int_port = $httpd_ext_port
# MySQL server ports
# NOTE(review): 3305 is one below MySQL's default of 3306 - confirm this is
# a deliberate non-default port and not a typo.
mysqld_ext_port = "3305"
mysqld_int_port = $mysqld_ext_port
# SVN daemon ports
svn_ext_port = "3690"
svn_int_port = $svn_ext_port
# Windows Remote Desktop ports
# NOTE(review): the rules that use this list are not shown; RDP should not be
# reachable from $ext_if without a source restriction - verify in the rdr and
# pass rules.
rdp_ports = "{ 3389 20048 44887 }"
# SSH daemon ports (presumably 1591 for the host and 1592 for the
# development jail, going by the macro names - confirm against the rules)
ssh_port = "22"
ssh_sys_port = "1591"
ssh_dev_port = "1592"
ssh_usr_port = $ssh_port
##############################
### TABLES ###################
# "const" tables cannot be changed with pfctl after the ruleset is loaded;
# membership changes require editing this file and reloading.
# IP addresses of the machines in the internal network
# (includes the firewall's own addresses on re0 and stge0)
table <int_machines> const {\
$int_rt_ip,\
$int_pc_ip,\
$acp_ip,\
$lpt_ip\
}
# IP addresses of the jails
table <jails> const {\
$srv_ip,\
$src_ip,\
$tst_ip,\
$usr_ip,\
$dev_ip\
}
# Blocked IP addresses. Updated via external scripts
# "persist" keeps the table in memory even when no rule references it.
# NOTE(review): no rule in this excerpt uses <blocked>; a block rule for it is
# needed in the filter section for the table to have any effect - confirm it
# exists in the part of the file not shown.
table <blocked> persist
##############################
### PACKETS MODIFYING ########
# Normalization: min-ttl raises the TTL of matching packets to at least the
# given value, max-mss clamps the TCP MSS, no-df clears the don't-fragment
# bit, and "fragment reassemble" buffers fragments until the whole packet can
# be rebuilt before filtering.
# NOTE(review): these five rules overlap - the first, third, fourth and fifth
# all match inbound packets on $ext_if, with different options. Which options
# end up applied depends on pf's scrub rule evaluation order; consolidate to
# one "in" and one "out" rule per interface so the effective settings are
# unambiguous.
scrub in on $ext_if all min-ttl 25 max-mss 1400 fragment reassemble
scrub out on $ext_if all min-ttl 65 max-mss 1400 fragment reassemble
scrub in
scrub in all fragment reassemble
scrub in on $ext_if all no-df fragment reassemble
##############################
### NAT ######################
# "-> ($ext_if)": the parentheses make pf follow the interface's current
# address instead of fixing it at load time.
# Internal machines (hosts/computers)
# NOTE(review): this rule translates on every interface in $all_if, not just
# the external one. Traffic from <int_machines> leaving re0, stge0 or lo0
# would have its source rewritten to the external address, which hides the
# real internal source in logs and can break LAN-to-LAN and LAN-to-jail
# connections. The jail rule below uses "on $ext_if" only; this one probably
# should too - confirm.
nat on $all_if from <int_machines> to any -> ($ext_if)
# Jails
nat on $ext_if from <jails> to any -> ($ext_if)
##############################
### REDIRECT #################
# (no rdr rules were included in the post)
Please, I'll be glad to receive any help and comments!