Hello,
Sorry to bother everyone with this miniscule question. I am trying to
figure out how to add temporary rules to pass traffic for a particular
service?
What I am trying to do is set up a test ftp server for Internet
customers to use on a controlled basis. A tech would run a command (v
authpf?
I thought about that, but authpf only allows the source address the ssh
client originated from. In this case, the ssh client will be a tech. The
source address the ftp will come from will be different (the source IP
will be varied customers of ours with varied IP addresses). Customers will
not hav
I'm sure it matters :)
bye
BB
>From: Steve Bellovin <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Input requested for second edition of "Firewalls and Internet
> Security"
>Date: Mon, 14 Oct 2002 12:08:03 -0400
>
>We've just about finished the draft manuscript for the second
>edition of
You can write a script to automatically generate tour rules file
similiar to the one recently announced on deadly.org:
http://www.deadly.org/article.php3?sid=20020919022924
Another approach is to modify authpf to add/remove rules based on
your requirements.
Finally, I have been working on a way
Sorry for the late reply, I have been really busy last week.
On Mon, Oct 07, 2002 at 12:38:09PM +0200, Ed White wrote:
> > I will come up with better examples later. promise.
>
> I'm really interested, because I didn't understand what is the objective ;-)
The objective is to allow applications
> > > I will come up with better examples later. promise.
> > I'm really interested, because I didn't understand what is the objective ;-)
> The objective is to allow applications to insert and remove rules dynamically.
> The present mechanisms for adding/removing rules are too general to be
> eas
On Mon, Oct 14, 2002 at 04:46:33PM -0400, Mike Frantzen wrote:
> > To make matters
> > more complex, if the application crashes, it may leave permanent rules
> > in the ruleset.
>
> Aha! That is a real issue. The way we had talked about solving that up
> in Calgary was to extend proc so rules
On Mon, Oct 14, 2002 at 04:46:33PM -0400, Mike Frantzen wrote:
> Aha! That is a real issue. The way we had talked about solving that up
> in Calgary was to extend proc so rules could be tied to a process. When
> the process goes away, it calls back into PF which removes the rules.
> Were we tal
