Date: Wed, 4 Nov 2020 16:32:23 +0000 From: Thomas Laus <lausts@acm.org> To: "freebsd-virtualization@freebsd.org" <freebsd-virtualization@freebsd.org> Subject: Using OpenBSD guest as PF firewall Message-ID: <01000175941a2783-79804ed8-eafa-4f80-92d4-3f500e9d7993-000000@email.amazonses.com>
next in thread | raw e-mail | index | archive | help
Is there a How-To or a Handbook article for using an OpenBSD guest as a firewall for a FreeBSD host? I have enabled pci-passthru and the OpenBSD guest can use the functional FreeBSD NIC hardware and has a hostname.vio0 configured with an IP address and netmask. I have created a public switch on the FreeBSD side and have added tap0. I can connect both from and to the OpenBSD / FreeBSD host by their respective IP addresses. These addresses both use the same subnet. I can't connect anywhere else from the FreeBSD host. The OpenBSD guest has an open pf.conf file to pass all packets to from vio0 to my re0 NIC. The OpenBSD system is version 6.8 and the FreeBSD is Current r367054. It looks like I need to create a bridge somewhere, but can't find the proper commands to make one. I have read a few instructions, but none of them use commands from the vm-bhyve port. I found that is always a good idea to not 'mix and match' these methods. Tom -- Public Keys: PGP KeyID = 0x5F22FDC1 GnuPG KeyID = 0x620836CF
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01000175941a2783-79804ed8-eafa-4f80-92d4-3f500e9d7993-000000>