2011/1/7 Girish Venkatachalam girishvenkatacha...@gmail.com:
Many websites these days Akamize or do whatever that gives them a
different IP address
everytime you access it.
And consequently pf which does not know a thing about domains does not help
us.
What exactly is the problem you want
On Fri, Jan 07 2011 at 59:07, Girish Venkatachalam wrote:
I try to use OpenBSD wherever I can and in the firewall I have
installed in a big jewel store
here I have the following problem.
Many websites these days Akamize or do whatever that gives them a
different IP address
everytime you
Don't use stupid shit like Akamize. Problem solved.
Stop making people laugh at you.
On Fri, 07 Jan 2011 10:25 +0100, Claer cl...@claer.hammock.fr wrote:
On Fri, Jan 07 2011 at 59:07, Girish Venkatachalam wrote:
I try to use OpenBSD wherever I can and in the firewall I have
installed in a
On Fri, Jan 7, 2011 at 2:43 PM, Martin Schrvder mar...@oneiros.de wrote:
And consequently pf which does not know a thing about domains does not help
us.
What exactly is the problem you want to solve?
Sorry for having been abstract.
Here is the detailed explanation.
One domain translates to
On Fri, Jan 07, 2011 at 05:50:25AM -0500, Eric Furman wrote:
On Fri, Jan 07 2011 at 59:07, Girish Venkatachalam wrote:
Many websites these days Akamize or do whatever that gives them a
different IP address
everytime you access it.
Don't use stupid shit like Akamize. Problem solved.
On Fri, 2011-01-07 at 16:26 +0530, Girish Venkatachalam wrote:
On Fri, Jan 7, 2011 at 2:43 PM, Martin Schrvder mar...@oneiros.de wrote:
And consequently pf which does not know a thing about domains does not help
us.
What exactly is the problem you want to solve?
Sorry for having
Thus said Girish Venkatachalam on Fri, 07 Jan 2011 16:26:01 +0530:
Due to this , whatever IP address pf(4) knows at the time of ruleset
loading alone works.
Use pfctl and a cronjob to periodically update a table. Kludgey, sure...
Andy
I try to use OpenBSD wherever I can and in the firewall I have
installed in a big jewel store
here I have the following problem.
Many websites these days Akamize or do whatever that gives them a
different IP address
everytime you access it.
And consequently pf which does not know a thing about
Hey list! if you can spare some time read the following :)
i have a domain living inside a very very unsecure university network that is
administered by some morons. it is highly compromised in many layers
but i can't touch it.
so i have a NATing firewall and i am running my services behind that.
Chris Kuethe wrote:
On 11/11/05, Matthew R Powell [EMAIL PROTECTED] wrote:
Greetings,
My 3.7 firewall is holding up DNS requests. pflog suggests that my very
first rule, 'block log all' is stopping them.
As it should.
Further down my rule set, however, exists the following
--On 22 June 2005 09:03 -0400, Vivek Ayer wrote:
Once I enable pf with the given ruleset, I can't all of a sudden ping
to domains.
PF is doing exactly what you told it ...
priv_nets = { 127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8 }
[...]
block drop in quick on $ext_if from $priv_nets to any
Hi,
I recently setup a firewall/router using OpenBSD 3.7 (upgraded to
current). I've been having problems getting to the internet, which is
a DSL modem via dhclient. The firewall has 3 interfaces to it: dc1
(goes to internet), dc0 (goes to internal ethernet), and ral0 (goes to
wireless ethernet).
On Tue, Jun 21, 2005 at 11:56:00AM -0400, Vivek Ayer wrote:
I'm not running a name server on firewall. I'm simply proving the
nameserver of the ISP in dhcpd.conf, which is 192.168.1.1. I know
something is wrong in my pf.conf. IP forwarding is on, but no NAT
seems to be happening. I can ping to
Here are the five files inline:
This is /etc/pf.conf:
# $OpenBSD: pf.conf,v 1.28 2004/04/29 21:03:09 frantzen Exp $
#
# See pf.conf(5) and /usr/share/pf for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets
On Tue, Jun 21, 2005 at 02:18:03PM -0400, Vivek Ayer wrote:
priv_nets = { 127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8 }
--snip--
block drop in quick on $ext_if from $priv_nets to any
block drop out quick on $ext_if from any to $priv_nets
from your first post:
I'm not running a name server on
15 matches
Mail list logo