Re: How to put more IPs in tables in PF?

2004-02-17 Thread Greg Hennessy
On 16 Feb 2004 21:16:58 -0800, [EMAIL PROTECTED] (Alejandro G. Belluscio) wrote: >What?!?! Why don't you use CIDR notation. In so many addresses it surely >has some ranges. Else it's ridiculous. Not to put too fine a point on it. If he wants to block spammers, it would be far easier to tar pi

Remotely Counting Machines Behind Nat

2004-02-17 Thread A. Wright
Hello All, It says in the FAQ that using the 'reassemble tcp' scrub option keeps an observer from guessing how many hosts are behind a NAT gateway. The main thing I plan to use this for is to prevent my ISP from finding out I have more than 1 computer connected, and then start asking me to pay mo

Re: Remotely Counting Machines Behind Nat

2004-02-17 Thread Matt Gibson
A. Wright wrote: Hello All, It says in the FAQ that using the 'reassemble tcp' scrub option keeps an observer from guessing how many hosts are behind a NAT gateway. The main thing I plan to use this for is to prevent my ISP from finding out I have more than 1 computer connected, and then start a

Re: Remotely Counting Machines Behind Nat

2004-02-17 Thread Shawn K. Quinn
On Tuesday 2004 February 17 09:39, A. Wright wrote: > Hello All, > > It says in the FAQ that using the 'reassemble tcp' scrub option keeps > an observer from guessing how many hosts are behind a NAT gateway. > The main thing I plan to use this for is to prevent my ISP from > finding out I have mor

Re: Remotely Counting Machines Behind Nat

2004-02-17 Thread Ryan McBride
On Tue, Feb 17, 2004 at 10:39:27AM -0500, A. Wright wrote: > Is there a way with pf to "wash" these ambiguities (window size, syn packet > size, etc) away so that all outgoing TCP packets look the same? Maybe even > set them to user-defined variables, as we already can with 'max-mss' and The most

Re: Remotely Counting Machines Behind Nat

2004-02-17 Thread Nikolay Denev
> Hello All, > > It says in the FAQ that using the 'reassemble tcp' scrub option keeps an > observer from guessing how many hosts are behind a NAT gateway. The main > thing I plan to use this for is to prevent my ISP from finding out I have > more than 1 computer connected, and then start asking m

RE: Remotely Counting Machines Behind Nat

2004-02-17 Thread Dom De Vitto
I don't think PF can (currently) do this. An easier/better solution would be to run a socks server on one of the boxes and use socks on the others as clients. Then all the connections come from a single PC. Dom -- Dom De Vitto

Re: Remotely Counting Machines Behind Nat

2004-02-17 Thread Mike Frantzen
> Is there a way with pf to "wash" these ambiguities (window size, syn packet > size, etc) away so that all outgoing TCP packets look the same? Maybe even > set them to user-defined variables, as we already can with 'max-mss' and > 'min-ttl'? Use the syn-proxy. It crafts all of the SYNs by hand