
pf rule confusion



I'm having an issue with pf (or maybe PF has an issue with me, who
knows?).
I have an OpenBSD (3.1) NATed firewall with 3 NICs:
rl0 = 64.1.201.130
sis = 192.168.0.1
ep1 = 192.233.103.186 (it's being used as an internal address; don't ask,
long irritating story)
I'm trying to set it up to:
A> act as a gateway for both the 192.233.103.* and 192.168.0.* networks,
while allowing me to forward any requests for 192.233.100.* to a
different router.
-AND-
B> Allow me to port forward VNC ports to allow remote external
connections via VNC in.  I have it partially set up now.  I have it so
that it will act as a gateway for the 192.168.0.* network and will allow
VNC traffic to that network, but it will not let me forward to the
192.233.103 network.  I assume it's because it's not actually NATing
this interface.
I'm coming from a Linux background, and I'm tired of insecure software
handholding me, and I want something powerful, so I am choosing
pf/OpenBSD. So far I haven't regretted my decision to do so; I'm just
very confused on these points.
Any help would be greatly appreciated!!!
--Bryan