Tables are the key. This is how I do it here:
On the internal interface, use a pass rule from a table listing all internal
ips to any, keep state.
table persist file "/etc/internal_ips"
pass in on $int_if from to ! $dmz_net keep state
/etc/internal_ips is just a list of addresses,
Hello.
I was searching in archive, but i can't find any solution for my problem
(maybe i don't know good keywords).
My problem:
How count (and ewentually graph) incoming/outgoing traffic to the internet
from hosts which are connected through OpenBSD firewall/nat to the internet?
Of corse im looking
Microsoft Security Center wrote:
Was wondering if anybody know if it is possible to add some Default rules
to the kernel or something when compiling..
Well, remember that it's OpenBSD, so you've the source code.
You can probably do what you're asking for by adding 5 lines
of code in net/pf.c insi
On Thu, Feb 12, 2004 at 01:47:11PM +0100, Microsoft Security Center wrote:
>
> Was wondering if anybody know if it is possible to add some Default
> rules to the kernel or something when compiling.. I want to add a
> default pass in rule from a specific IP, and by doing so reducing the
> chance tha
On Sat, Jan 31, 2004 at 03:13:48AM -0700, jared r r spiegel wrote:
>
> http://www-2.cs.cmu.edu/~hzhang/HFSC/software.html
>
> i tried last week getting the altq-2.??? and -3.??? tar.gz from that page because
> i became smitten with wanting to be able to use the "graphical user
> interface
