[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf.conf frustration



On Sun, Mar 23, 2003 at 04:09:42PM -0700, Wayne Freeman wrote:
> Can anyone see anything wrong that would cause this not to work?
Follow the TCP SYN packet. You already saw it arrive at the external
interface of the firewall. Does it get forwarded out on the internal
interface (tcpdump there)? Does it arrive at the webserver (tcpdump
there)? Does the webserver send out a SYN+ACK (tcpdump)? Does the
SYN+ACK arrive back at the firewall's internal interface (tcpdump)? Does
it get translated back and forwarded out through the external interface
(not according to your description)?
One common problem is that the webserver is not configured to use the
firewall as default gateway, and is not sending its replies through
there..
Daniel