I'm running -current on i386 with kernel and userland rebuilt
using sources as of 2002/11/23 15:00:20. Propolice is enabled and
/etc/malloc.conf is set to AJ. The only 2 rules are below in the -v
output. If I remove /etc/malloc.conf then it doesn't core out, so it's
memory problem.
(gdb) run -v
On Sat, Nov 23, 2002 at 03:34:06PM +0100, Stefan Sonnenberg-Carstens wrote:
> But if add a rule like :
>
> Binat on rl0 from any to 192.168.0.3 -> xx.yy.zz.aa, it does not work.
Try
binat on rl0 from 192.168.0.3 to any -> xx.yy.zz.aa
instead.
Daniel
On Sat, Nov 23, 2002 at 03:01:52AM -0800, Stephen Gutknecht (OBSD-PF) wrote:
> My question: How well does stateful inspection work with crappy clients?
very well.
their tcp stack had to be so fucked up that it would most probably not work
at all to cause problems with keep state.
I have a OpenBSD 3.2 firewall here, wich has an
external interface rl0, with a routable IP Adress asigned, and an internal
interface xl1, with a private IP assigned.
On the internal side is a private network with some
servers, 192.168.0.3 – 192.168.0.10, and I have corresponding routable I
I'm curious if anyone can provide some experience on something I have
observed...
We have a OpenBSD 3.1 firewall protecting a public web site. We are using
good hardware (Intel ISP1100 1u server / Intel Pro Ethernet adapters) by all
accounts, etc. At times, the only way we have been able to get