[ Home | Liste | F.A.Q. | Risorse | Cerca... ]


[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]


Archivio: openbsd@sikurezza.org
Soggetto: Re: Dov'e' che sbaglio?
Mittente: David Coppa
Data: 2 Jul 2003 11:54:20 -0000
* SKAL (sir_kalot@xxxxxxxx) wrote:

... snip ...

> ##############
> # Interface #
> ##############
> 
> ext_if = "tun0"
> int_if = "xl0"
> 
> ############
> # Networks #
> ############
> 
> priv_nets = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }"
> 
> ###########
> # Options #
> ###########
> 
> set block-policy return
> set loginterface $ext_if
> set optimization normal
> 
> #########################
> # Packets normalization #
> #########################
> 
> scrub in on $ext_if all
> 
> ###############################
> # Network Address Translation #
> ###############################
> 
> nat on $ext_if from $casa_net to any -> ($ext_if)

Ecco l'errore. Dov'e' definito "casa_net"??

Cambia la tua regola di nat con questa:

nat on $ext_if from $int_if/24 to any -> $ext_if

Se fai "pfctl -s nat", vedrai:

root@caffeine:/root -> pfctl -s nat
nat on tun0 inet from 192.168.1.0/24 to any -> 80.117.234.158

Cheers
-- 
David "caff" Coppa <caff AT openbeer DOT it> s/AT/@/ s/DOT/./

OpenBSD: enforcing your security policy from VAX to i386

Please avoid sending me Word or PowerPoint attachments
See http://www.fsf.org/philosophy/no-word-attachments.html
-- 

________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List




[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005