Date: Fri, 09 Jun 2006 15:52:04 +1000
From: Mikhail Goriachev <mikhailg@webanoide.org>
To: Pat Maddox <pergesu@gmail.com>
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: Need some help with PF rule letting two machines access each other
Message-ID: <44890C84.1070304@webanoide.org>
In-Reply-To: <810a540e0606082221n488bf220q3846d9c79b47e1ad@mail.gmail.com>
References: <810a540e0606082221n488bf220q3846d9c79b47e1ad@mail.gmail.com>

Pat Maddox wrote:
> 12.34.56.78 runs a server on port 1234
> 87.65.43.21 should connect to this
>
> Both of them have PF rulesets that block off most traffic, keeping
> open the publically available ports I need open. In this case though,
> any traffic over this port should only be between these two machines.
> I've tried to set this up, but I keep getting operation not permitted,
> connection refused, and connection reset by peer errors. Thanks for
> any info.

Hi,

This'll do:

EIF=eif             # external interface
HOSTA=12.34.56.78   # host A
HOSTB=87.65.43.21   # host B

# These lines go on host A
pass in quick on $EIF from $HOSTB to $EIF port 1234
pass out quick on $EIF from $EIF to $HOSTB port 1234

# These lines go on host B
pass in quick on $EIF from $HOSTA to $EIF port 1234
pass out quick on $EIF from $EIF to $HOSTA port 1234

Put those lines somewhere at the beginning of your pf.conf files.

Also, if I may add, this is very basic and you should consult/read/learn
PF's guide.

Cheers,
Mikhail.

-- 
Mikhail Goriachev
Webanoide

Telephone: +61 (0)3 62252501
Mobile Phone: +61 (0)4 38255158
E-Mail: mikhailg@webanoide.org
Web: http://www.webanoide.org

PGP Key ID: 0x4E148A3B
PGP Key Fingerprint: D96B 7C14 79A5 8824 B99D 9562 F50E 2F5D 4E14 8A3B
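
A stateful variant of the rules in the message above, as an added example that is not part of the original e-mail: each host gets a single rule with explicit "keep state", so reply packets (which carry source port 1234 rather than destination port 1234) are matched by the state entry, and host A refuses everyone else on that port. It assumes the service on port 1234 is TCP and reuses the message's placeholder interface name and addresses; the trailing block rule is an assumption standing in for whatever default-deny the existing ruleset already has.

```pf
# Added example, not from the original message.
# Assumption: the service on port 1234 speaks TCP.

EIF   = "eif"            # external interface (placeholder name from the message)
HOSTA = "12.34.56.78"    # host A, runs the server on port 1234
HOSTB = "87.65.43.21"    # host B, the only permitted client

# ---- pf.conf on host A (server) ----
# Accept new connections to port 1234 from host B only. "flags S/SA"
# matches the initial SYN; "keep state" creates a state entry that
# passes the rest of the connection in both directions.
pass  in quick on $EIF proto tcp from $HOSTB to ($EIF) port 1234 flags S/SA keep state

# Everyone else is dropped on this port. "quick" makes the first
# matching rule final, so this must come after the pass rule above.
block in quick on $EIF proto tcp from any to ($EIF) port 1234

# ---- pf.conf on host B (client) ----
# Allow host B to open connections to host A's port 1234; replies
# come back through the state entry, so no "pass in" rule is needed.
pass out quick on $EIF proto tcp from ($EIF) to $HOSTA port 1234 flags S/SA keep state
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading the ruleset. After host B connects, `pfctl -ss` on either machine should list a state entry for port 1234.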