Re: PF rule "match only packets for local machine"

2012-01-05 Thread Robert Wolf
Hallo all, thank you for your answers.

> > >
> > > table const { }
> > > pass quick proto tcp from to any port 22 no state
> > > pass in quick proto tcp from any to any port rdr-to 127.0.0.1
> > > port 22 block quick proto tcp from any to any port 22
> > >
> > >
> > > But o

Re: PF rule "match only packets for local machine"

2012-01-05 Thread Stuart Henderson
On 2012-01-05, Gregory Edigarov wrote:
> On Thu, 5 Jan 2012 09:21:16 +0100
> Rafal Bisingier wrote:
>
>> Hi,
>>
>> On Thursday, 05 Jan 2012 at 09:00 CET
>> Robert Wolf wrote:
>>
>> >
>> > table const { }
>> > pass quick proto tcp from to any port 22 no state
>> > pass in quick prot

Re: PF rule "match only packets for local machine"

2012-01-05 Thread favar
Hi,
Start with a block rule without "quick", then apply pass rules.
Something like this:

table const { }
block proto tcp from any to any port 22
pass quick proto tcp from to any port 22 no state
pass in quick proto tcp from any to any port rdr-to 127.0.0.1 port 22

2012/1/5 Gregory Ediga

Re: PF rule "match only packets for local machine"

2012-01-05 Thread Gregory Edigarov
On Thu, 5 Jan 2012 09:21:16 +0100
Rafal Bisingier wrote:
> Hi,
>
> On Thursday, 05 Jan 2012 at 09:00 CET
> Robert Wolf wrote:
>
> >
> > table const { }
> > pass quick proto tcp from to any port 22 no state
> > pass in quick proto tcp from any to any port rdr-to 127.0.0.1
> > p

Re: PF rule "match only packets for local machine"

2012-01-05 Thread Rafal Bisingier
Hi,

On Thursday, 05 Jan 2012 at 09:00 CET
Robert Wolf wrote:
>
> table const { }
> pass quick proto tcp from to any port 22 no state
> pass in quick proto tcp from any to any port rdr-to 127.0.0.1 port 22
> block quick proto tcp from any to any port 22
>
>
> But of course,

PF rule "match only packets for local machine"

2012-01-05 Thread Robert Wolf
Hallo all, may I ask any PF professional for his advice? I have an OpenBSD router with multiple interfaces doing routing. It does not work as a firewall, so there is only one rule "pass flags any no state". Because of many hack-scripts doing SSH logins and filling logs, I would like to block every SSH