My network setup is cable modem->FreeBSD (pf)->other computers
NAT is working fine, all the internal computers can access the internet through the FreeBSD firewall. In trying to establish port forwarding an issue is occurring.
I have firewall rules:
rdr on $ext_if proto { tcp, udp } from any to any port { 6112, 30260, 9112, 30360, 9100 } -> 192.168.1.20
pass in log on $ext_if proto {tcp,udp} to 192.168.1.20 port { 6112, 30260, 9112, 30360, 9100 } keep state
When an outside computer tries to access my computer on port 6112, the packet reaches the firewall and is redirected and passed in.
36. 115743 rule 21/0(match): pass in on bfe0: 66.134.89.225.6112 > 192.168.1.20.6112: UDP, length 12
However, the application on the internal computer never receives it. Watching with Wireshark on the internal computer, the inbound packet is never seen on the network. Watching with Wireshark on the firewall, the inbound packet is never seen on the internal interface either.