Best option I see here is a dup-to packets to an interface with IDS
listening and give it the ability to add IP addresses to a blacklist and
flush all states associated with them.
PF is a kernel space item, and you want to keep this as simple as possible
to minimize bugs. Leave complex stuff like
i highly doubt that they would add any sort of layer 7/string checking
capability to pf. it's completely against its design
that's just not going to happen
à am not sure i am right but you are not in the good layer, you want snort
or something similar to do that.
On Fri, Jan 25, 2013 at 3:03 PM, Todd wrote:
> hi,
>
> not sure this is the correct place to ask but i wanted to know if the
> possibility of a new pf rule had been thought of?
>
> the co
hi,
not sure this is the correct place to ask but i wanted to know if the
possibility of a new pf rule had been thought of?
the concept i had in mind would be to filter packets bound for a port that
contained a she! or similar script header?
my thought was trying to add a way to check or prev
On 25/01/13 17:04, Peter N. M. Hansteen wrote:
On Fri, Jan 25, 2013 at 07:55:35AM -0700, Daniel Melameth wrote:
Can anyone propose a similar solution with OB?
Read up on pflow(4) and related. This plus the nfdump port make for a
nice combination.
+1
also, nfsen (also from packages, sort of a
On Fri, Jan 25, 2013 at 07:55:35AM -0700, Daniel Melameth wrote:
> >
> > Can anyone propose a similar solution with OB?
>
> Read up on pflow(4) and related. This plus the nfdump port make for a
> nice combination.
+1
also, nfsen (also from packages, sort of a companion to nfdum) if you want
au
On Fri, Jan 25, 2013 at 5:48 AM, Kapetanakis Giannis
wrote:
> I'd like to implement IP accounting in one of my OB routers.
> What I want to do is to log each new connection that creates a state,
> ideally in a database.
>
> In another Linux router I have (and want to replace with OB) I use ulogd
>
On 25.1.2013. 13:48, Kapetanakis Giannis wrote:
> Hi,
>
> I'd like to implement IP accounting in one of my OB routers.
> What I want to do is to log each new connection that creates a state,
> ideally in a database.
>
> In another Linux router I have (and want to replace with OB) I use ulogd
> us
Hi,
I'd like to implement IP accounting in one of my OB routers.
What I want to do is to log each new connection that creates a state,
ideally in a database.
In another Linux router I have (and want to replace with OB) I use ulogd
userspace daemon and a specific iptables entry:
-A FORWARD -i
On Fri, Jan 25, 2013 at 12:07 PM, Xinform3n wrote:
>> Don't think xeons ever supported ia64.
>
> That's true...
> I confused Intel 64 instructions. EMT64 ?
> Anyway, OpenBSD amd64 won't work on this type of CPU, right ?
>
I used to run OpenBSD/amd64 firewalls on machines that had Xeons with
early
On Fri, Jan 25, 2013 at 01:18:00PM +0100, Xinform3n wrote:
> > OpenBSD-amd64 runs on intels that do have EMT64. Its just intel that
> > wanted a name for the 64bit mode without "amd" in the name.
>
> You are probably speaking about x86_64, not EMT64.
> EMT64 isn't compatible with amd64, x86_64 no
2013/1/25 Xinform3n :
>> Don't think xeons ever supported ia64.
> That's true...
> I confused Intel 64 instructions. EMT64 ?
> Anyway, OpenBSD amd64 won't work on this type of CPU, right ?
OpenBSD-amd64 runs on intels that do have EMT64. Its just intel that
wanted a name for the 64bit mode without
On 24.1.2013 г. 17:05 ч., Leonardo Lombardo wrote:
Hi all,
my setup is a firewall/router for a network in which I have a lot of VLANs.
WAN connection is only one so bandwith is a concern. WAN connection is
10Mbit/s.
Is there a way to shape N VLANs as a whole while having some other VLAN
with a
On Thu, Jan 24, 2013 at 11:23:15PM -0700, Chris Hettrick wrote:
> I noticed that apropos sendmail states that it is from Section 1 of the man
> pages, but it should be in Section 8.
> This is found on an AMD64 5.2 and also on the web interface.
> man 8 sendmail works, but man 1 sendmail doesn't (a
2013/1/25 Xinform3n :
> Reply @Thomas Bodzar
>> Why i386 on 12GB of RAM? Did you test amd64 and best option current?
> Because it's an old Xeon CPU which doesn't support amd64 instructions
> (only ia64).
Don't think xeons ever supported ia64.
--
May the most significant bit of your life be posit
15 matches
Mail list logo
