-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hi,
is there way to use BGP to block traffic, like it is described on
https://www.bgp-spamd.net/index.html
or even BGP feeds from spamhaus
https://www.spamhaus.org/news/article/683/spamhaus-releases-bgp-feed-bgpf-and-botnet-cc-list-bgpcc
- --
Zeus
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
greetings
please, advise
WHAT I HAVE:
routerB <-> netX/16
^
|
V
clients <-> routerA <-> netX/24
WHAT I NEED:
to provide `clients <-> netX/24' traffic on the base of routerB pf rules
so, the
mxb wrote:
> Use BGP to distribute list of IP addresses.
> Like it is done at http://bgp-spamd.net/
what about pfsync indeed? I need black list of addresses I do can
control on my own and to install BGP infrastructure for local needs
looks excessive
isn't psync aimed for the tasks like this one
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hi,
please advise
I think of pfsync-ing sshguard table content among several hosts to get
one big table on each host, since IP blocked on one host I want to be
blocked on all others automatically (all hosts are terminated in one
VPN) ...
am I correc
Max wrote:
> Probably you should use
> pass out log on $if_dvr reply-to ($if_wan2 $gw_wan2) to
thank you, Max, this helped
--
Zeus V. Panchenko jid:z...@im.ibs.dn.ua
IT Dpt., I.B.S. LLC GMT+2 (EET)
___
sorry for noise, please ignore this incomplete message
Zeus Panchenko wrote:
> greetings,
>
> I have two wan intefaces, wan1 and wan2
>
> wan1 is for default
>
> I have subnet in my LAN all replies from which I need to direct through
> wan2
>
> I hoped to do t
hi,
I need trivial thing but wondering where am I wrong ... :(
help please
I have two WAN interfaces: wan1 and wan2
wan1 is default route interface, wan2 is dedicated for DVR (video)
I'm trying to direct all output from DVR to wan2 (here I do not care of
where a request to DVR came from, I want a
greetings,
I have two wan intefaces, wan1 and wan2
wan1 is for default
I have subnet in my LAN all replies from which I need to direct through
wan2
I hoped to do that with this pf configuration:
if_service = "vlan1234" # service network
table const { 10.0.0.0/24 }
# requests for the service
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
greetings,
I see, in list the issue appears from time to time but I was not able to
find the solution for my case, please help me to get working altq on my
igb(4) if it is possible at all
I was trying igb(4) original OS drivers and the one from Intel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hi,
just was stumbled on the subject ... please, may somebody advise what am
I missing?
I have:
FreeBSD 10.0-STABLE #0 r261303
BoxA:
LAN: 192.168.0.1/24
TUN (OpenVPN): 172.16.10.1
with route to 172.16/12 set via tun
BoxB:
LAN: 192.168.0.2/24
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> target <-> world <--> em0 - freebsd - vlanA <--> LAN
> ^^ net A
> ||
> +- netC -.-.-.-.- IPSec -.-.-.-.- net B -+
> ...
> where:
> A1 is some address from n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
wishmaster wrote:
> If I understand you correctly, you want binat inside IPSec and
I'm not sure ... what I want is to nat packets from net A before they
are entering IPSec, as if they originate not on the freebsd host
so, they enters IPSec already
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
hi,
please, may somebody help with the subj? is it possible at all on
FreeBSD with pf?
I need to binat some of my LAN (network A) ip addresses to some of
secure communication addresses (network B) for, behind IPSec network C,
access
target <-> world
13 matches
Mail list logo