Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $ cat /etc/hostname.vether0
- inet 172.16.1.5 255.255.255.0
- --------------------------------------------
- $ cat /etc/hostname.bridge0
- add vether0
- --------------------------------------------
- $ doas cat /etc/dhcpd.conf
- # Local VM Subnet
- subnet 172.16.1.0 netmask 255.255.255.0 {
- option domain-name "vmm.openbsd.local";
- option domain-name-servers 8.8.8.8, 8.8.4.4;
- option routers 172.16.1.5;
- range 172.16.1.100 172.16.1.200;
- }
- #Alpine
- host static-client {
- hardware ethernet fe:e1:bb:d1:b0:f7;
- fixed-address 172.16.1.104;
- }
- --------------------------------------------
- $ cat /etc/vm.conf
- switch "local" {
- interface bridge0
- }
- --------------------------------------------
- doas cat /etc/pf.conf
- # $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $
- #
- # See pf.conf(5) and /etc/examples/pf.conf
- #original config
- set skip on lo
- block return # block stateless traffic
- pass # establish keep-state
- # By default, do not permit remote connections to X11
- block return in on ! lo0 proto tcp to port 6000:6010
- # Port build user does not need network
- block return out log proto {tcp udp} user _pbuild
- #/original
- # VMM
- ext_if="eth0"
- vmd_if="{ vether0 bridge0 }"
- set block-policy drop
- set loginterface egress
- match in all scrub (no-df random-id max-mss 1440)
- match out on egress inet from !(egress:network) to any nat-to (egress:0)
- pass out quick inet
- pass in on $vmd_if inet
- pass in on egress inet proto tcp from any to (egress) port 22
- #match out on $ext_if from $vmd_if:network to any nat-to ($ext_if)
- #/VMM
Add Comment
Please, Sign In to add comment
