Re: [PLUG] Can't access to Webserver Packet Filter OpenBSD. Need help please!

[PaulNM <plug@paulscrap.com>]

Is the webserver you're trying to reach on the Debian machine? I ask 
because the diagram lists a Web(CentOS) system, but the pf.conf you 
attached seems to send TCP port 80 to 10.81.81.3. That's labeled as 
DB(Debian) in the diagram. It's also the only 10.* ip listed anywhere in 
the config.

I'm not familiar with PF at all, so it's possible I'm misunderstanding 
how the rules work. In particular "pass in on egress" implies outgoing 
packets to me, but I could be wrong.

Is this something that was working before? Are you able to reach system 
from the firewall machine (ping/ssh/etc)? What do you mean by "issue", 
are you getting any kind of message at all or is the web request just 
timing out? Have you tried using nmap to see if the port is 
filtered/closed/open? Do you see evidence of your connection attempts in 
the web server's logs? Or the firewall's logs?

- PaulNM


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug