Hello there.
I have set up a FreeBSD box on my home network to act as a router/firewall. I have set it up so that it makes the pppoe connection and have successfully configured the other computers on the network so that they have access to internet.
Since setting this up i have come across a strange problem. I cannot access the web interface of the modem/router from my desktop pc. When i ping to 192.168.2.1(ip of modem/router) i get a "Destination host unreachable" error from my desktop pc though when i ping from the FreeBSD pc (ip 192.168.2.32) it succeeds. The modem/router is on bridge mode with the FreeBSD pc, using the network interface rl0(Realtek 8139).
Here is my pf.conf
Any help would be appreciated. Thanks in advance.
Update: Is there maybe any interference as far as the bridge mode is concerned in the way that the modem/router is bridged with tun0 interface that ppp creates? So mayby I should allow traffic through tun0 to/from 192.168.2.1(ip of modem/router)? Just an idea...
I have set up a FreeBSD box on my home network to act as a router/firewall. I have set it up so that it makes the pppoe connection and have successfully configured the other computers on the network so that they have access to internet.
Since setting this up i have come across a strange problem. I cannot access the web interface of the modem/router from my desktop pc. When i ping to 192.168.2.1(ip of modem/router) i get a "Destination host unreachable" error from my desktop pc though when i ping from the FreeBSD pc (ip 192.168.2.32) it succeeds. The modem/router is on bridge mode with the FreeBSD pc, using the network interface rl0(Realtek 8139).
Here is my pf.conf
Code:
[root@freebsd ~]# cat /etc/pf.conf
##########
# MACROS #
##########
extif = "tun0"
intif = "rl0"
lo_if="lo0"
internal = "192.168.2.0/24"
danis = "192.168.2.32"
danis2 = "192.168.2.24"
###########
# OPTIONS #
###########
set skip on lo
set block-policy drop
#################
# Normalization #
#################
scrub in
#######
# NAT ##
#######
nat on $extif from $internal to any -> ($extif)
###### SSH
rdr pass on $extif proto tcp from any to any port 23 -> $danis port 23
###### Torrent
rdr pass on $extif proto tcp from any to any port 22 -> $danis2 port 22
###################
# FILTERING RULES #
###################
##### General Policy
block in on $extif
#antispoof quick for { $intif }
# pass all traffic to and from the local network.
# these rules will create state entries due to the default
# "keep state" option which will automatically be applied
pass in on $intif from $internal
pass out on $intif to $internal
# pass tcp, udp, and icmp out on the external (Internet) interface.
# tcp connections will be modulated, udp/icmp will be tracked
# statefully.
pass out on $extif proto { tcp udp icmp } all modulate stateAny help would be appreciated. Thanks in advance.
Update: Is there maybe any interference as far as the bridge mode is concerned in the way that the modem/router is bridged with tun0 interface that ppp creates? So mayby I should allow traffic through tun0 to/from 192.168.2.1(ip of modem/router)? Just an idea...