Hi everyone,

Description:
I have an OpenBSD 4.2 server with 4 network cards:


ISP ---- OpenBSD-4.2 (NAT) -------> LAN1 (private addresses)
|
|
--------> LAN2 (Public addresses, filtering by destination IP)
|
|
--------> LAN3 (Public addresses, filtering by destination IP)



My pf.conf for tests looks like this:


ext_if="fxp0"
lan1_if="xl0"
lan2_if="rl0"
lan3_if="rl1"
lan1_hosts="{10.0.0.0/8}"
lan2_hosts="{x.x.x.x/27}"
lan3_hosts="{y.y.y.y/27}"

block in all
block out all

pass out on $ext_if inet from $ext_if to any
pass in quick on $lan2_if from $lan2_hosts to any
pass in quick on $lan3_if from $lan3_hosts to any






It is not working correctly. I have no traffic going out through the
firewall from any host in lan2 and lan3.
It looks like "block in all" is working like "block in quick all", ignoring
the next lines in pf.conf.
I'm looking for a sample pf.conf for two internal nets, one with NAT, one
without NAT.
All samples in the manuals describe setups where all internal networks use NAT.
BTW, in sysctl.conf I have "net.inet.ip.forwarding=1", of course.
After "pfctl -d" everything works correctly, so routing is OK.
I tried route-to, with no effect.

Please help me: where can I get samples for a config like mine?

Best regards
Zdzich
----
"UNIX is like wigwam, no Windows, no Gates, apache inside"
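
An added example, not part of the original post: a simplified Python model of pf's last-match rule evaluation, run over the five filter rules above to show which rule decides a forwarded LAN2 packet in each direction. It ignores state and NAT; the 192.0.2.0/27, 198.51.100.0/27 and 203.0.113.1 values are constructed stand-ins for the masked prefixes and the fxp0 address, and WITH_EGRESS is a hypothetical addition.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed stand-ins for the post's masked x.x.x.x/27, y.y.y.y/27 and fxp0 address.
LAN2, LAN3, EXT_ADDR = "192.0.2.0/27", "198.51.100.0/27", "203.0.113.1/32"

@dataclass
class Rule:
    action: str                  # "pass" or "block"
    direction: str               # "in" or "out"
    iface: Optional[str] = None  # None matches any interface
    src: Optional[str] = None    # None matches any source ("all")
    quick: bool = False

# The five filter rules from the post, in order.
POSTED = [
    Rule("block", "in"),
    Rule("block", "out"),
    Rule("pass", "out", "fxp0", EXT_ADDR),      # "from $ext_if" = the firewall's own address
    Rule("pass", "in", "rl0", LAN2, quick=True),
    Rule("pass", "in", "rl1", LAN3, quick=True),
]

# Hypothetical addition (not in the post): egress rules for the routed LANs.
WITH_EGRESS = POSTED + [
    Rule("pass", "out", "fxp0", LAN2),
    Rule("pass", "out", "fxp0", LAN3),
]

def evaluate(rules, direction, iface, src):
    """Return (action, rule index) of the deciding rule: last match wins, 'quick' stops."""
    decided = ("pass", None)  # pf passes a packet that matches no rule
    addr = ipaddress.ip_address(src)
    for i, r in enumerate(rules):
        if r.direction != direction or r.iface not in (None, iface):
            continue
        if r.src is not None and addr not in ipaddress.ip_network(r.src):
            continue
        decided = (r.action, i)
        if r.quick:
            break
    return decided

def forward(rules, in_if, out_if, src):
    """A routed packet is filtered twice: inbound on in_if, then outbound on out_if."""
    return evaluate(rules, "in", in_if, src), evaluate(rules, "out", out_if, src)

if __name__ == "__main__":
    print(forward(POSTED, "rl0", "fxp0", "192.0.2.10"))
    print(forward(WITH_EGRESS, "rl0", "fxp0", "192.0.2.10"))
```

In this model the posted rules pass the LAN2 packet inbound on rl0 (rule index 3) and block it outbound on fxp0 (rule index 1, "block out all"), because the only "pass out" rule matches the firewall's own source address.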