On Thu, Jul 17, 2003 at 05:06:11PM -0300, Alejandro G. Belluscio wrote:
>
> altq on $ext_if priq bandwidth 1Mb queue { q_pri, q_int, q_def, q_low }
> queue q_pri priority 5
> >queue q_int priotity 4
> queue q_def priority 3 priq(default)
> queue q_low priority 2
>
> If I change the "q_int"
i would like to know how to update only OpenBSD Packet
Filter on a OpenBSD system. My OpenBSD is 3.2 and I
would like to upgrade only PF (and its related
component).
i had got all OpenBSd sources from CVS, and i would
like to know what could be the next steps to upgrade
PF.
Thanks
Corentin
___
On Fri, Jul 18, 2003 at 11:34:32AM +0200, C J wrote:
> i would like to know how to update only OpenBSD Packet
> Filter on a OpenBSD system. My OpenBSD is 3.2 and I
> would like to upgrade only PF (and its related
> component).
It's theoretically doable, but there is no step-by-step guide to do s
Le Fri, Jul 18, 2003 at 11:34:32AM +0200, C J nous a écrit:
> i would like to know how to update only OpenBSD Packet
> Filter on a OpenBSD system. My OpenBSD is 3.2 and I
> would like to upgrade only PF (and its related
> component).
>
> i had got all OpenBSd sources from CVS, and i would
> like
Hello everyone,
i have an 3-legged openbsd-bridge to protect my servers from outside. 2
nics are bridged, the 3rd has an private ip and is for the admin stuff.
ep1
|
|
What i found is that ev
On Fri, Jul 18, 2003 at 12:23:51PM +0200, Uwe Reiher wrote:
> Hello everyone,
>
> i have an 3-legged openbsd-bridge to protect my servers from outside. 2
> nics are bridged, the 3rd has an private ip and is for the admin stuff.
>
>
> ep1
>
Daniel Hartmeier wrote:
I assume you didn't assign any addresses to sis0 and ne3, but have an
address on ep1 and a default route through ep1 (or the address/netmask
for ep1 includes and ).
correct :-)
When pf generates a packet (like for return-rst/-icmp, which you are
using through 'set block-p
On Thu, Jul 17, 2003 at 05:06:11PM -0300, Alejandro G. Belluscio wrote:
> Hello pf,
>
> I been getting a message:
> "priq queues cannot have child queues"
> "pfctl: Syntax error in file: pf rules not loaded"
> The offending line is
>
> altq on $ext_if priq bandwidth 1Mb queue { q_pri, q_in
On Fri, Jul 18, 2003 at 11:34:32AM +0200, C J wrote:
> i would like to know how to update only OpenBSD Packet
> Filter on a OpenBSD system. My OpenBSD is 3.2 and I
> would like to upgrade only PF (and its related
> component).
this is possible in theory (and in fact I have done it)., but you
rea
On Fri, Jul 18, 2003 at 01:01:44PM +0200, Uwe Reiher wrote:
> Aah, the main problem was the "block return" policy?
Yes, that statement tells pf to use 'return-rst/-icmp' implicitely in
each block rule. Remove it, and the block rules just drop packets
silently, without sending a reply. See pf.conf
I've had a really nasty "viral cold infection" all week, but this
posting really cheered me up!
Dom
"Some days you're the monument, some says the pigeon..."
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dom De Vitto Tel. 07855 805 271
h
i would like to announce something i've been working on called pflogr. pflogr is a
remote logging system for pf.
features:
- packets are stored using postgresql
- ensures every packet makes it to the database
- packets are decoded at the db server, not the firewall
i've included a very basic php
Hi there.
I'm trying to use OpenBSD 3.3 on a Sun Ultra1.
All the examples I see on the web are doing NAT. Are there any that
dont? Because I have real IP addresses for the hosts behing the OpenBSD
box.
--
mfg
Marc Eggenberger
Anyway you can have it access MySQL as well?
Amir Seyavash Mesry
[EMAIL PROTECTED]
LSI Logic Corporation
http://www.lsilogic.com/
Raid Support Test Technician
6145-D Northbelt Parkway
Norcross, GA 30071
678-728-1211
NOTICE: This communication may contain privileged or other confidential
i
yes, i'll be adding mysql support.
:derek
On Fri, Jul 18, 2003 at 01:29:28PM -0400, Amir Seyavash Mesry wrote:
> Anyway you can have it access MySQL as well?
>
> Amir Seyavash Mesry
> [EMAIL PROTECTED]
> LSI Logic Corporation
> http://www.lsilogic.com/
> Raid Support Test Technician
> 6145-
Just don't enable NAT. Use pass rules instead.
--Bryan
Marc Eggenberger wrote:
Hi there.
I'm trying to use OpenBSD 3.3 on a Sun Ultra1.
All the examples I see on the web are doing NAT. Are there any that
dont? Because I have real IP addresses for the hosts behing the OpenBSD
box.
It uses the Perl DBI (as far as I can tell without actually downloading
it), so it should work with MySQL just fine. It will need some diffs,
but potentially I don't see any reason why it shouldn't work. I've
written something very similar for MySQL, but I'm not ready to release
it yet. If I can
hello,
i was wondering how can i limit the upload rate to a certain value for each IP in a
certain network ?
for example 10kbit/sec for each ip in 172.16.0.0/16
Thanks
Regards,
Angel
On Fri, 2003-07-18 at 10:56, Marc Eggenberger wrote:
> Hi there.
>
> I'm trying to use OpenBSD 3.3 on a Sun Ultra1.
> All the examples I see on the web are doing NAT. Are there any that
> dont? Because I have real IP addresses for the hosts behing the OpenBSD
> box.
It's called a bridge. There
On Fri, Jul 18, 2003 at 08:37:04PM +0200, Angel Todorov wrote:
>
> limit the upload rate to a certain value for each IP in a certain network ?
>
> for example 10kbit/sec for each ip in 172.16.0.0/16
it might be suboptimal, but you could create a queue for each IP,
and then a literal pass ru
once tracking recent pf changes around tagging capability, i
am started to think about 802.1p. why not?
actually, vlan code is (en|de)capsulation engine, priority is
the altq's land. let's think...
- add the dot1p scheduler, similar to priq, but with priority
field reduced to 3 bits and red-only
On Fri, Jul 18, 2003 at 01:41:01PM -0400, Jason Dixon wrote:
> On Fri, 2003-07-18 at 10:56, Marc Eggenberger wrote:
> > Hi there.
> >
> > I'm trying to use OpenBSD 3.3 on a Sun Ultra1.
> > All the examples I see on the web are doing NAT. Are there any that
> > dont? Because I have real IP address
[ I tried to mail you privately, but your mail setup is borken ]
On Fri, Jul 18, 2003 at 10:43:47PM +0300, Alexey E. Suslikov wrote:
> once tracking recent pf changes around tagging capability, i
> am started to think about 802.1p. why not?
>
> actually, vlan code is (en|de)capsulation engine, pr
Hello, i have another question regarding CBQ-based ALTQ queuing
I use the following pf.conf file for an internal network that passes through the
openbsd gateway box then goes its way to the external firewall -> then outside The
problem is that often packets are dropped, for ex. pingging google.
On Fri, 2003-07-18 at 15:41, Henning Brauer wrote:
> On Fri, Jul 18, 2003 at 01:41:01PM -0400, Jason Dixon wrote:
> > On Fri, 2003-07-18 at 10:56, Marc Eggenberger wrote:
> > > Hi there.
> > >
> > > I'm trying to use OpenBSD 3.3 on a Sun Ultra1.
> > > All the examples I see on the web are doing NA
On Fri, Jul 18, 2003 at 10:43:47PM +0300, Alexey E. Suslikov wrote:
> - add the dot1p scheduler, similar to priq, but with priority
> field reduced to 3 bits and red-only parameter;
> - teach pf 0x8100 ether type;
> - tagging with pf is already in -current;
> - glue the things above.
So you want
On Fri, Jul 18, 2003 at 11:53:31PM +0200, Daniel Hartmeier wrote:
> On Fri, Jul 18, 2003 at 10:43:47PM +0300, Alexey E. Suslikov wrote:
>
> > - add the dot1p scheduler, similar to priq, but with priority
> > field reduced to 3 bits and red-only parameter;
> > - teach pf 0x8100 ether type;
> > - ta
27 matches
Mail list logo
