[OpenBSD-BR] pf.conf - help please - urgent
Iran Lima
openbsd.iran at gmail.com
Sat Jun 9 09:25:13 BRT 2007
Dear friend, it did not work. Please look at my pf.conf and tell me whether
it is correct. Thank you for your attention.
####### START OF PF.CONF
ext_if="rl0" #EXTERNAL NETWORK CARD #192.168.0.254
int_if="fxp0" #INTERNAL NETWORK CARD #10.0.0.1
int_if_d="vr0" #INTERNAL NETWORK CARD #10.0.1.1
tcp_pass = "{ 21 22 25 53 80 110 465 995 }"
udp_pass = "{ 21 22 25 53 80 110 465 995 }"
set optimization aggressive
scrub in
######## NAT
nat on $ext_if from $int_if to any -> $ext_if
nat on $ext_if from $int_if_d to any -> $ext_if
nat on $int_if_d from $ext_if to any -> $int_if_d
nat on $int_if from $ext_if to any -> $int_if_d
######## SQUID
rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128
pass in on $int_if inet proto tcp from any to 127.0.0.1 port 3128 keep state
pass out on $ext_if inet proto tcp from any to any port www keep state
pass out on { rl0, fxp0 } proto tcp to any port $tcp_pass
pass out on { rl0, fxp0 } proto udp to any port $udp_pass
######## END
OUTPUT OF SOME COMMANDS USING THE PF.CONF ABOVE
# pfctl -sr
scrub in all fragment reassemble
pass in on fxp0 inet proto tcp from any to 127.0.0.1 port = 3128 keep state
pass out on rl0 inet proto tcp from any to any port = www keep state
pass out on rl0 proto tcp from any to any port = ftp
pass out on rl0 proto tcp from any to any port = ssh
pass out on rl0 proto tcp from any to any port = smtp
pass out on rl0 proto tcp from any to any port = domain
pass out on rl0 proto tcp from any to any port = www
pass out on rl0 proto tcp from any to any port = pop3
pass out on rl0 proto tcp from any to any port = 465
pass out on rl0 proto tcp from any to any port = pop3s
pass out on fxp0 proto tcp from any to any port = ftp
pass out on fxp0 proto tcp from any to any port = ssh
pass out on fxp0 proto tcp from any to any port = smtp
pass out on fxp0 proto tcp from any to any port = domain
pass out on fxp0 proto tcp from any to any port = www
pass out on fxp0 proto tcp from any to any port = pop3
pass out on fxp0 proto tcp from any to any port = 465
pass out on fxp0 proto tcp from any to any port = pop3s
pass out on rl0 proto udp from any to any port = 21
pass out on rl0 proto udp from any to any port = ssh
pass out on rl0 proto udp from any to any port = 25
pass out on rl0 proto udp from any to any port = domain
pass out on rl0 proto udp from any to any port = www
pass out on rl0 proto udp from any to any port = pop3
pass out on rl0 proto udp from any to any port = 465
pass out on rl0 proto udp from any to any port = pop3s
pass out on fxp0 proto udp from any to any port = 21
pass out on fxp0 proto udp from any to any port = ssh
pass out on fxp0 proto udp from any to any port = 25
pass out on fxp0 proto udp from any to any port = domain
pass out on fxp0 proto udp from any to any port = www
pass out on fxp0 proto udp from any to any port = pop3
pass out on fxp0 proto udp from any to any port = 465
pass out on fxp0 proto udp from any to any port = pop3s
# pfctl -sn
nat on rl0 inet from 10.0.0.1 to any -> 192.168.0.254
nat on rl0 inet from 10.0.1.1 to any -> 192.168.0.254
nat on vr0 inet from 192.168.0.254 to any -> 10.0.1.1
nat on fxp0 inet from 192.168.0.254 to any -> 10.0.1.1
rdr on fxp0 inet proto tcp from any to any port = www -> 127.0.0.1 port 3128
WEB BROWSING WORKS FINE AND SQUID WORKS PROPERLY, BUT I CANNOT USE
OUTLOOK EXPRESS, WHICH USES THE SMTP PROTOCOL (PORT 25) AND POP3 (PORT
110). I NO LONGER KNOW WHAT TO DO; PLEASE HELP.
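
An added example, not part of the original post: the `pfctl -sn` output above shows each NAT source expanded to the gateway's own address (10.0.0.1, 10.0.1.1), because a bare interface name in an address position means that interface's address, while `:network` selects the subnet attached to it. The fragment rewrites only the NAT section in the post's own syntax and assumes IP forwarding is already enabled on the gateway.

```conf
# Added example: NAT section of the pf.conf above, rewritten.
# Macros are the ones defined in the post.
ext_if   = "rl0"     # external NIC, 192.168.0.254
int_if   = "fxp0"    # internal NIC, 10.0.0.1
int_if_d = "vr0"     # internal NIC, 10.0.1.1

# As posted (source is the gateway's own address only, see pfctl -sn):
#   nat on $ext_if from $int_if   to any -> $ext_if
#   nat on $ext_if from $int_if_d to any -> $ext_if
# Clients behind fxp0/vr0 never match these rules, so their SMTP (25) and
# POP3 (110) packets leave rl0 with untranslated internal source addresses.
# HTTP still works because the rdr rule hands it to Squid on the gateway,
# and Squid's outbound connections originate from the gateway itself.

# Corrected: translate the whole subnet attached to each internal NIC.
nat on $ext_if inet from $int_if:network   to any -> $ext_if
nat on $ext_if inet from $int_if_d:network to any -> $ext_if

# The two posted rules that translate $ext_if on the internal interfaces
# are dropped: replies to NATed connections are reversed by the state entry.

# Transparent proxy redirect, unchanged from the post.
rdr on $int_if inet proto tcp from any to any port www -> 127.0.0.1 port 3128

# Check before and after loading (run as root):
#   pfctl -nf /etc/pf.conf   parse only, do not load
#   pfctl -sn                the nat source should now be a network with a
#                            prefix length, not a single host address
```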