selective state flush
Hi, Suppose I have an anchor in PF that, when some condition is met, is loaded with a set of block rules. If the condition is met, the connections that were open before these block rules were loaded to the anchor are not dropped, correct? If so, is there some way to selectively drop some connections (flush some states)? Thanks in advance. Regards, Jose -- Want an e-mail address like mine? Get a free e-mail account today at www.mail.com!
spamd topology
Hi, Looking at some setups used in the past for spamd, I noticed that many prefer to use a separate internal NIC to connect to each MX instead of using the internal spamd NIC connected to a switch, where all MXs would be, including possibly other sub-domain MXs. Is there anything wrong or inadequate with this second approach? Thanks. Regards, Jeff.
high load spamd bridge in greylisting mode
Hi, I need to set up a bridge to run spamd in greylisting mode. Since there have been some changes in spamd recently and the ruleset that appeared in the article in the OpenBSD Journal in the past (http://undeadly.org/cgi?action=article&sid=20061108134508) is more appropriate for blacklist mode, I wonder if anyone could point to a ruleset that considers recent updates in spamd and greylisting mode. Also, since this bridge is going to have to handle a lot of messages (some 50K legitimate and possibly some 450k spams) daily, what kind of tuning should be considered under these circumstances? Thanks a lot in advance. Regards, Jeff. be a bit out of date.
greyscanner syntax error
Hi, I am trying to use the greyscanner within my anti-spam firewall. I installed some of the mentioned packages:

# pkg_info
gettext-0.14.6p0        GNU gettext
libiconv-1.9.2p3        character set conversion library
logsentry-1.1.1p2       logfile auditing tool
lsof-4.77p0             list information about open files
p5-Digest-HMAC-1.01p0   interface to HMAC Message-Digest Algorithms
p5-Digest-SHA1-2.11p0   module to calculate SHA1 digests
p5-Email-Valid-0.176p0  Check validity of Internet email addresses
p5-Mail-Tools-1.74      modules for handling mail with perl
p5-Net-DNS-0.60         module to interface the DNS resolver
p5-Net-IP-1.25p0        perl module for IPv4/IPv6 address parsing
tcsh-6.15.00            extended C-shell with many useful features
wget-1.10.2p0           retrieve files from the web

I copied the greyscanner exactly as it is in the site. But whenever I try to run it, I get an error:

# ./greyscanner.41
syntax error at ./greyscanner.41 line 199, near local_r ules
syntax error at ./greyscanner.41 line 376, near }
Execution of ./greyscanner.41 aborted due to compilation errors.

Am I using the wrong version of any package or the wrong greyscanner script? Thanks in advance. Regards, Jeff.
Re: greyscanner syntax error
Hi, I did forget to mention I am running 4.2 STABLE on an i386 machine. Regards, Jeff. OpenBSD 4.2-stable (GENERIC) #0: Wed Dec 12 16:32:58 BRT 2007 OpenBSD.i386
Re: brute force voip QoS
Hi Stuart and the others,

pass out queue (std_out,lowdelay)

here, you place ACKs from downloads at a higher priority than your voip calls. this is unlikely to be what you want with priq over a 140Kb/s link.. there are some other things you could look at too but changing this would be a good place to start.

I decided to simplify the ruleset and queue setup following the advice. I now have:

ext_if=fxp0
int_if=vr0
lan_net=$int_if:network
icmp_types=echoreq
voipservers = "{ 200.184.77.145, 200.184.77.138 }"
atas = "{ 192.168.2.33, 192.168.2.100 }"

set skip on lo
set loginterface $ext_if
scrub in

altq on $ext_if priq bandwidth 130Kb queue {std_out, voip_out}
queue std_out priority 4 priq(default)
queue voip_out priority 11

altq on $int_if priq bandwidth 130Kb queue {std_in, voip_in}
queue std_in priority 4 priq (default)
queue voip_in priority 11

nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
nat on $ext_if from !($ext_if) -> ($ext_if:0)
rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021

anchor "ftp-proxy/*"
block in log
pass in quick on $int_if from $atas flags any keep state \
    queue voip_in
pass out quick on $int_if to $atas flags any queue voip_in
pass out
pass in on $int_if from $int_if:network
pass out on $int_if from any to $int_if:network

# icmp
pass in inet proto icmp all icmp-type $icmp_types keep state
pass out on $ext_if inet proto udp from any to $voipservers \
    queue voip_out keep state

When I start the voip call, as I said, the quality is quite good indeed. A printscreen of the queues states is below:

queue std_out on fxp0 priority 4 priq( default )
  [ pkts: 9895 bytes:1284164 dropped pkts: 0 ...0 ]
  [ qlength: 0/ 50 ]
  [ measured: 0.1 packets/s, 58.40 b/s ]
queue voip_out on fxp0 priority 11
  [ pkts: 18075 bytes:151 dropped pkts:0 ...0 ]
  [ qlength: 0/ 50 ]
  [ measured:33.4 packets/s, 20.84Kb/s ]
queue std_in on vr0 priority 4 priq( default )
  [ pkts: 14651 bytes: 16896830 dropped pkts: 37 ...18893 ]
  [ qlength: 0/ 50 ]
  [ measured: 3.4 packets/s, 3.96Kb/s ]
queue voip_in on vr0 priority 11
  [ pkts: 14880 bytes:1107273 dropped pkts:0 ...0 ]
  [ qlength: 0/ 50 ]
  [ measured:33.5 packets/s, 19.84Kb/s ]

The only traffic going through the std_in queue at this time is the ssh traffic is the output of 'pfctl -vvsq'

Now when I start a download, the quality of the voip call is immediately affected (gets worse). Just a while later, the queues states show this:

queue std_out on fxp0 priority 4 priq( default )
  [ pkts: 10807 bytes:1349808 dropped pkts: 0 ... 0 ]
  [ qlength: 0/ 50 ]
  [ measured: 5.4 packets/s, 2.46Kb/s ]
queue voip_out on fxp0 priority 11
  [ pkts: 24608 bytes:2020685 dropped pkts: 0 ... 0 ]
  [ qlength: 0/ 50 ]
  [ measured:33.4 packets/s, 20.84Kb/s ]
queue std_in on vr0 priority 4 priq( default )
  [ pkts: 16707 bytes: 19142071 dropped pkts: 37 ... 18893 ]
  [ qlength: 0/ 50 ]
  [ measured:12.2 packets/s, 109.24Kb/s ]
queue voip_in on vr0 priority 11
  [ pkts: 20151 bytes:1497327 dropped pkts: 0 ... 0 ]
  [ qlength: 0/ 50 ]
  [ measured:25.8 packets/s, 15.29Kb/s ]

We see that the traffic going out through the voip_in queue went down from 19.84 Kbps to 15.29Kbps. The ATA is configured to use the G729a codec. Any hint or suggestion will be greatly appreciated.

Regards, Jeff.
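An added example, not part of the original post: a small Python parser for the `pfctl -vvsq` queue statistics quoted above, reporting how each queue changed between the two snapshots and how much traffic the queues on one interface carry in total. The sample text is constructed from the figures in the post, and the function names are this example's own.

```python
import re

# Constructed sample: the vr0 queues from the two `pfctl -vvsq` snapshots
# quoted in the post (call only, then call plus download).
BEFORE = """
queue std_in on vr0 priority 4 priq( default )
  [ pkts: 14651 bytes: 16896830 dropped pkts: 37 ...18893 ]
  [ qlength: 0/ 50 ]
  [ measured: 3.4 packets/s, 3.96Kb/s ]
queue voip_in on vr0 priority 11
  [ pkts: 14880 bytes:1107273 dropped pkts:0 ...0 ]
  [ qlength: 0/ 50 ]
  [ measured:33.5 packets/s, 19.84Kb/s ]
"""
AFTER = """
queue std_in on vr0 priority 4 priq( default )
  [ pkts: 16707 bytes: 19142071 dropped pkts: 37 ... 18893 ]
  [ qlength: 0/ 50 ]
  [ measured:12.2 packets/s, 109.24Kb/s ]
queue voip_in on vr0 priority 11
  [ pkts: 20151 bytes:1497327 dropped pkts: 0 ... 0 ]
  [ qlength: 0/ 50 ]
  [ measured:25.8 packets/s, 15.29Kb/s ]
"""

# One queue block: header, packet counters, measured rate (re.S spans lines).
QUEUE_RE = re.compile(
    r"queue\s+(?P<name>\S+)\s+on\s+(?P<ifname>\S+)\s+priority\s+(?P<prio>\d+)"
    r".*?\[\s*pkts:\s*(?P<pkts>\d+).*?dropped pkts:\s*(?P<dropped>\d+)"
    r".*?measured:\s*(?P<pps>[\d.]+)\s*packets/s,"
    r"\s*(?P<rate>[\d.]+)\s*(?P<unit>[KMG]?)b/s",
    re.S,
)
UNIT = {"": 1.0, "K": 1e3, "M": 1e6, "G": 1e9}  # pfctl prints rates in steps of 1000


def parse_queues(text):
    """Return {(interface, queue): stats} parsed from `pfctl -vvsq` output."""
    queues = {}
    for m in QUEUE_RE.finditer(text):
        queues[(m["ifname"], m["name"])] = {
            "priority": int(m["prio"]),
            "pkts": int(m["pkts"]),
            "dropped": int(m["dropped"]),
            "pps": float(m["pps"]),
            "bps": float(m["rate"]) * UNIT[m["unit"]],
        }
    return queues


def compare(before, after):
    """Per-queue change between two snapshots of the same queues."""
    old, new = parse_queues(before), parse_queues(after)
    report = {}
    for key in old.keys() & new.keys():
        report[key] = {
            "delta_bps": new[key]["bps"] - old[key]["bps"],
            "delta_pps": new[key]["pps"] - old[key]["pps"],
            "new_drops": new[key]["dropped"] - old[key]["dropped"],
        }
    return report


def interface_load(text, ifname):
    """Sum of the measured rates of all queues on one interface, in bit/s."""
    return sum(q["bps"] for (i, _), q in parse_queues(text).items() if i == ifname)


if __name__ == "__main__":
    for key, d in sorted(compare(BEFORE, AFTER).items()):
        print(key, d)
    print("vr0 load during download (bit/s):", interface_load(AFTER, "vr0"))
```

On the figures in the post, voip_in falls by 4.55 Kb/s with no new drops counted in that queue, and the two vr0 queues together measure 124.53 Kb/s against the 130Kb configured on that interface.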
Re: brute force voip QoS
Hi,

Thanks for your insights.

- Original Message -
From: scott [EMAIL PROTECTED]

1. Your topology: On the inside lan, are you hosting clients or service? So is this an outside-to-inside -or- an inside-to-outside problem?

VoIP Clients. ATAs. This is an inside-to-outside problem.

2. altq queue-type priq effectively does what you're asking -- if voip traffic is allocated to priority 6, then nothing flows from queues 5, 4, 3, 2, and 1 while the q6 bucket is wet.

My bandwidth is very very limited. Not more than 140 Kbps on both sides at any time. I use G729 as a codec in order to reduce consumption. Using the pf.conf below, when VoIP is the only traffic, the quality of the calls is excellent with no voice cutting at all. Now if I start a download I immediately see the quality degrade. That is why I thought of using some radical policy. I would appreciate any comments on this ruleset.

ext_if=fxp0
int_if=vr0
lan_net=$int_if:network
voipservers = "{ 200.184.77.145, 200.184.77.138 }"
atas = "{ 192.168.2.33 }"
low_pri="{ ftp-data, ftp, www, https }"

set skip on lo
set loginterface $ext_if

altq on $ext_if priq bandwidth 125Kb queue {std_out, voip_out, \
    lowdelay, lowpri_out}
queue lowpri_out priority 1
queue std_out priority 4 priq(default)
queue voip_out priority 11
queue lowdelay priority 12

altq on $int_if priq bandwidth 125Kb queue {std_in, voip_in, lowpri_in}
queue lowpri_in priority 1
queue std_in priority 4 priq (default)
queue voip_in priority 6

nat on $ext_if from !($ext_if) -> ($ext_if:0)

block in log
pass out queue (std_out,lowdelay)
pass out on $ext_if inet proto {tcp udp} from ($ext_if) to any \
    port $low_pri queue lowpri_out
pass in on $int_if from $int_if:network
pass in on $int_if from $atas to any queue voip_in
pass out on $int_if from any to $int_if:network
pass out on $int_if proto {udp,tcp} from any \
    port $low_pri to $int_if:network queue lowpri_in
antispoof quick for { lo $int_if }
pass in on $ext_if proto tcp to ($ext_if) port 2220 queue (std_out, lowdelay)
pass out on $ext_if inet proto udp from any to $voipservers queue voip_out keep

Regards, Jeff.
brute force voip QoS
Hi, I would like to know if this is possible and how, regardless of what happened with other applications. I would like to setup PF so that, whenever an initial voip flow was detected, all other non relevant traffic would be blocked, and normal packet flow being restored only after some voip idleness be detected. Can it be done? Can someone give some ideas of how? Thanks in advance. Best regards, Jeff.
legitimate mail messages passing through SPAMD
Hi, I posted a question earlier, but I guess I was not clear. I have a firewall running OpenBSD 4.2 and SPAMD to block spams. I would like to know how many legitimate email messages SPAMD is letting in. The default spamd setup that comes in pf.conf is

no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
rdr pass on $ext_if proto tcp from any to any port smtp \
    -> 127.0.0.1 port spamd

So I thought of using 'pfctl -vsn'. In the output of this command, one of the values is the accumulated number of evaluations of each rule. So my question is can I assume the number of evaluations of the rule 'no rdr pass on $ext_if proto tcp from <spamd-white> ...' is also a good measure for the number of SMTP connections that were forwarded to the MTA(s)? If not, is there another way to extract this number without querying the MTA? Thanks in advance. Regards, Jeff
SPAMD legitimate mail statistics
Hi, Is it possible to know how many legitimate SMTP connections have passed through SPAMD? In a setup like,

no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
rdr pass on $ext_if proto tcp from any to any port smtp \
    -> 127.0.0.1 port spamd

Can I assume the number of evaluations of the 'no rdr on' rule is a correct value for this? Is there another way to find this out? Thanks. Regards, Jeff
Re: ping: sendto: No route to host
OK... I know I did not give enough information to allow people to help. So here is some more. The firewall works fine running routed most of the time. It is running 4.1-STABLE (below is a dmesg). I see a lot of interrupts on both internal and external interfaces sk0 and sk1. Something like 3600. This is a bit odd (in my opinion) since I have another firewall running 3.7 and routed in which the total amount of interrupts is never above 500 (in the same place). Now, this period of instability (in which not even ping works) happens only once or twice a day. It lasts not longer than 10 minutes, and then everything starts working again. The other day, I noticed that the routed daemon was not running although the RIP socket was still bound. I have a process that periodically makes sure that the main processes are still operational. I received this message:

ps: kvm_getproc2: Cannot allocate memory
routed: bind(rip_sock): Address already in use; giving up

from the cron daemon. I need some ideas to help me to isolate the problem. Thanks in advance. Regards, Jeff.

---
OpenBSD 4.1-stable (GENERIC) #1: Sat May 12 10:14:17 BRT 2007
    [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.80GHz (GenuineIntel 686-class) 2.80 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID,xTPR
real mem = 501772288 (490012K)
avail mem = 450052096 (439504K)
using 4278 buffers containing 25210880 bytes (24620K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+ BIOS, date 02/17/06, BIOS32 rev. 0 @ 0xf9ed0, SMBIOS rev. 2.3 @ 0xf (42 entries)
bios0: PCCHIPS P25G
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0xce54
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfcdb0/160 (8 entries)
pcibios0: PCI Exclusive IRQs: 5 10 11
pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT82C596A ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xe600
acpi at mainbus0 not configured
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 vendor VIA, unknown product 0x0296 rev 0x00
pchb1 at pci0 dev 0 function 1 vendor VIA, unknown product 0x1296 rev 0x00
pchb2 at pci0 dev 0 function 2 vendor VIA, unknown product 0x2296 rev 0x00
pchb3 at pci0 dev 0 function 3 vendor VIA, unknown product 0x3296 rev 0x00
pchb4 at pci0 dev 0 function 4 vendor VIA, unknown product 0x4296 rev 0x00
pchb5 at pci0 dev 0 function 7 vendor VIA, unknown product 0x7296 rev 0x00
ppb0 at pci0 dev 1 function 0 VIA VT8377 AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 VIA VT8378 VGA rev 0x01: aperture at 0xf400, size 0x1000
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
skc0 at pci0 dev 8 function 0 D-Link Systems DGE-530T A1 rev 0x11, Yukon (0x1): irq 10
sk0 at skc0 port A, address 00:13:46:71:f7:c7
eephy0 at sk0 phy 0: Marvell 88E1011 Gigabit PHY, rev. 3
skc1 at pci0 dev 10 function 0 D-Link Systems DGE-530T A1 rev 0x11, Yukon (0x1): irq 5
sk1 at skc1 port A, address 00:13:46:71:f3:4a
eephy1 at sk1 phy 0: Marvell 88E1011 Gigabit PHY, rev. 3
pciide0 at pci0 dev 15 function 0 VIA VT6420 SATA rev 0x80: DMA
pciide0: using irq 11 for native-PCI interrupt
pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide1 channel 0 drive 0: SAMSUNG SP0842N
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
atapiscsi0 at pciide1 channel 0 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: TSSTcorp, CDW/DVD SH-M522C, TS05 SCSI0 5/cdrom removable
wd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 2
cd0(pciide1:0:1): using PIO mode 4, Ultra-DMA mode 2
pciide1: channel 1 disabled (no drives)
uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x81: irq 10
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x81: irq 10
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x81: irq 11
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 16 function 3 VIA VT83C572 USB rev 0x81: irq 11
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: VIA UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 16 function 4 VIA VT6202 USB rev 0x86: irq 5
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: VIA EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports
ping: sendto: No route to host
Hi, Other than a hardware problem (interface, switch, cabling, etc.), what could cause such an error? I have an OpenBSD 4.1 station configured as a firewall/router, in which the internal interface has address 200.232.120.1/24 and the external interface has address 200.232.140.3/24. Even when I try to ping, say 200.232.120.2, with an updated ARP table, sometimes I get such an error, sometimes I do not. I do not see any errors with netstat -ni. The only process running other than the usual ones is routed. Thanks for any hint. Regards, Jeff.
named X route monitor problem
Hi, I am running OpenBSD 4.1 on a firewall/router. For some unknown reason (to me), whenever I start the command nice route monitor after a little while, I begin to get an enormous quantity of messages like:

got message of size 104 on ...
RTM_MISS: Lookup failed on this address: len 104, table 0, pid: 0, seq o, errno 0m flags:DONE
locks: inits:
sockaddrs: DST
 2001:503:a83e::2:31

When it happens, I notice that named begins to take over the CPU, holding more than 70% of it. Even if I flush PF with pfctl -F all, the problem continues to happen. My questions are: 1. Is this address an IPv6 one? Can I find out who is asking for it and why? 2. How can I tell named not to deal with IPv6? Thanks Regards, Jeff.
Re: RTM_ADD and RTM_LOSING
Hi, If enough packets are lost to prevent ARP from getting through, you might see that. Even if I use permanent ARP addresses, the problem continues to happen. One funny thing is that I had a shell window with an active successful ping to ftp.openbsd.org. In another window, after setting PKG_PATH to point to ftp ftp.openbsd.org/pub/OpenBSD/4.1/packages/i386/, I tried pkg_add lsof-4.77p0 and No route to host. But when I tried ftp -a ftp.openbsd.org just immediately after, it got there. This kind of error occurs even on the internal interface. I noticed that when a connection is successfully established, packet loss stops. But with connectionless protocols like icmp and udp, for some reason errors are more frequent. My NICs are DGE-530T which use skc driver, which has had a record of problems in the past. I saw a lot of interrupts using systat vm with 1436 for skc0 and 1188 for skc1. Could that mean problem? Thanks. Regards, Jeff.
RTM_ADD and RTM_LOSING
Hi, I keep getting these punt RTM_ADD without gateway in my /var/log/messages from the routed daemon. Once in a while, I get RTM_LOSING as well. I noticed that, even with a static default route, every now and then I try to ping the default gateway, I get ping: sendto: No route to host. I saw a mention of this message in the list archive, but in that case the fellow managed to stop these messages by changing the rdr rule. The only rdr rule I use is the default spamd rules:

no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
rdr pass on $ext_if proto tcp from any to any port smtp \
    -> 127.0.0.1 port spamd

Could anyone give some suggestion? Thanks Regards, Jeff.
Re: RTM_ADD and RTM_LOSING
Hi, Thank you very much. netstat -ni will not show a single error on any of the three interfaces. I do not think it has anything to do with PF, because the problem happens even with a pass quick rule. I use dlink DGE-530T nics and one onboard vr0.

sk0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:13:46:71:f2:fa
        media: Ethernet autoselect (100baseTX full-duplex,rxpause,txpause)
        status: active
        inet 200.232.120.1 netmask 0xff00 broadcast 200.232.120.255
        inet6 fe80::213:46ff:fe71:f2fa%sk0 prefixlen 64 scopeid 0x1
sk1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:13:46:71:f3:4a
        groups: egress
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 200.232.140.3 netmask 0xff00 broadcast 200.232.140.255
        inet6 fe80::213:46ff:fe71:f34a%sk1 prefixlen 64 scopeid 0x2
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:16:ec:54:4b:e2
        media: Ethernet autoselect (100baseTX full-duplex)
        status: active
        inet 172.16.255.1 netmask 0xff00 broadcast 172.16.255.255
        inet6 fe80::216:ecff:fe54:4be2%vr0 prefixlen 64 scopeid 0x3

Could you say something about the RTM_ADD messages? Are they normal? I see quite a lot of them (only a few RTM_LOSING). Regards, Jeff.
dhcp server with 2 interfaces and 2 different subnets
Hi, I am trying to set up a DHCP server on a multi-homed firewall. One of the interfaces is vr0 and should supply addresses 172.16.255.x/24. The other is sk0 and should supply 200.232.140.x/24.

My /etc/dhcpd.interfaces looks like

sk0 vr0

My /etc/dhcpd.conf looks like

shared-network LOCAL-NET {
    option domain-name-servers 200.232.140.1;
    subnet 200.232.140.0 netmask 255.255.255.0 {
        option routers 200.232.140.1;
        range 200.232.140.20 200.232.140.200;
    }
    subnet 172.16.255.0 netmask 255.255.255.0 {
        option routers 172.16.255.1;
        range 172.16.255.20 172.16.255.200;
    }
}

Now how can I tell the dhcp server to only allocate 172.16.255 addresses to vr0 and 200.232.140.0 to sk0? Thank you very much. Jeff
Re: dhcp server with 2 interfaces and 2 different subnets
Hi, Thank you. Although I did not understand your recommendation. My problem is that for some reason, DHCP server is allocating IP addresses from the subnet 200.232.140.0 for stations in the 172.16.255.0 segment. I would like to control which addresses should be given to each segment. Regards, Jeff.

- Original Message -
From: Brian A. Seklecki
To: Jeff Santos
Subject: Re: dhcp server with 2 interfaces and 2 different subnets
Date: Tue, 12 Jun 2007 16:25:24 -0400 (EDT)

The following:

$ sudo tcpdump -i vr0 "port bootpc || port bootps"
tcpdump -i sk0 "port bootpc || port bootps"
$ sudo dhcpd -vf
$ sudo netstat -tan|egrep -i "67|68"

~BAS

On Tue, 12 Jun 2007, Jeff Santos wrote:

Hi, I am trying to set up a DHCP server on a multi-homed firewall. One of the interfaces is vr0 and should supply addresses 172.16.255.x/24. The other is sk0 and should supply 200.232.140.x/24.

My /etc/dhcpd.interfaces looks like

sk0 vr0

My /etc/dhcpd.conf looks like

shared-network LOCAL-NET {
    option domain-name-servers 200.232.140.1;
    subnet 200.232.140.0 netmask 255.255.255.0 {
        option routers 200.232.140.1;
        range 200.232.140.20 200.232.140.200;
    }
    subnet 172.16.255.0 netmask 255.255.255.0 {
        option routers 172.16.255.1;
        range 172.16.255.20 172.16.255.200;
    }
}

Now how can I tell the dhcp server to only allocate 172.16.255 addresses to vr0 and 200.232.140.0 to sk0? Thank you very much. Jeff

l8* -lava (Brian A. Seklecki - Pittsburgh, PA, USA) http://www.spiritual-machines.org/ Guilty? Yeah. But he knows it. I mean, you're guilty. You just don't know it. So who's really in jail? ~Maynard James Keenan
Re: simple spamd questions
Hi, Thank you very much. If they are blacklisted, the connected/disconnected message will name the blacklist(s) they are on. If they are greylisted, there will be no mention of lists in the log message. For example, from my logs, So if the host is greylisted the connection should not last long, since spamd will not tarpit the host yet, right? I am asking because I see some connected/disconnected messages not related to any blacklist that last quite a while. Regards, Jeff
spamd inbound
Hi, The default setup in pf.conf makes spamd work on both directions:

#no rdr on $ext_if proto tcp from <spamd-white> to any port smtp
#rdr pass on $ext_if proto tcp from any to any port smtp \
#    -> 127.0.0.1 port spamd

What is the best way to tell PF that spamd should work only on inbound traffic? Thank you very much Regards, Jeff.
Re: simple spamd questions
Hi, Thank you. Can I assume that all connected/disconnected messages I see in /var/log/daemon are from blacklisted hosts or some are still greylisted (undefined)? Regards, Jeff
simple spamd questions
Hi, I am new to OpenBSD and SPAMD, so forgive me if I ask stupid questions. 1. When run in default mode (greylist), spamd knows the spammers come from blacklists in spamd.conf. But there is no spamd table in PF. How? 2. Is there a way to know how many and which are the blacklisted hosts at the moment? 3. Can a host that is not in any of the blacklists in spamd.conf be blacklisted? If so, how can I take one off this list? Thank you. Jeff