Re: Kerberos SSH routing tables problem

2019-09-06 Thread Stuart Henderson
The __automatic table is created by pfctl's ruleset optimiser, probably from $broken. I suspect this ilauncher program is tripping either sshguard or your max-src-conn-rate or max-src-conn rules. -- Sent from a phone, apologies for poor formatting. On 6 September 2019 03:57:04 Predrag Punos

Re: Kerberos SSH routing tables problem

2019-09-05 Thread Predrag Punosevac
On 2019-08-02, Stuart Henderson wrote: > On 2019-07-29, Predrag Punosevac wrote: > > Hi Misc, > > > > I am using Edgerouter lite as a firewall/DNS cashing resolver for one of > > our remote location > > > > ubnt1# uname -mrsv > > OpenBSD 6.5 GENERIC.MP#0 octeon > > > > The desktops behind the fir

Re: Kerberos SSH routing tables problem

2019-08-02 Thread Stuart Henderson
On 2019-07-29, Predrag Punosevac wrote: > Hi Misc, > > I am using Edgerouter lite as a firewall/DNS cashing resolver for one of > our remote location > > ubnt1# uname -mrsv > OpenBSD 6.5 GENERIC.MP#0 octeon > > The desktops behind the firewall have to use Kerberised SSH to perform > some work on o

Re: Kerberos SSH routing tables problem

2019-07-30 Thread Byte Skeptical
Ran into a similar issue on my ERL when I used egress in my pf rules. Ended up trunking the ethernet ports using aggr(4) and switched to using that interface in my rules, got failover as a bonus. Still not sure why egress behaves this way and if its a bug or my own misunderstanding. Running OpenBS

Kerberos SSH routing tables problem

2019-07-29 Thread Predrag Punosevac
Hi Misc, I am using Edgerouter lite as a firewall/DNS cashing resolver for one of our remote location ubnt1# uname -mrsv OpenBSD 6.5 GENERIC.MP#0 octeon The desktops behind the firewall have to use Kerberised SSH to perform some work on one of .mil servers. I opened egress ports kerberos, klogin