NetBSD-Users archive
Re: Help npf, only one port opened, but several expected.
Hello Michael,
Just a top post to thank you, your suggestion worked fine and I'm able
to use NetBSD for the router/firewall, the solution that I prefer.
Best regards,
Luís
On Mon, 22 Sep 2025 19:59:00 -0000 (UTC), mlelstv%serpens.de@localhost (Michael
van Elst) wrote:
| luisvmendes%yandex.com@localhost (Luis Mendes) writes:
|
| >Maybe I didn't explain correctly.
| >What I meant is that albeit I had several ports that should be open, by
| >the rules, only one was detected by a massive scan.
| >The "should be" is in my understanding only.
|
| Yes. Just saying that a rule with multiple ports or port ranges works
| for me.
|
|
| >| # allow known IPSEC traffic
| >| pass out final proto udp from $ext_v4 \
| >| port isakmp to $ipsec_peers port isakmp
| >| pass in final proto udp from $ipsec_peers \
| >| port isakmp to $ext_v4 port isakmp
| >| pass out final proto esp from $ext_v4 to $ipsec_peers
| >| pass in final proto esp from $ipsec_peers to $ext_v4
|
| >Regarding the $ipsec_peers, I don't have that information.
| >Maybe have to use 'any'.
|
| This is just copy and paste from my configuration. For "road warrior"
| settings with arbitrary IPs, this needs to be 'any'.
|
|