Ahh, I see what you guys are talking about now. I should really read
the whole thread before replying. Very interesting stuff.
A
--- Daniel Hartmeier <[EMAIL PROTECTED]> wrote:
> On Mon, Oct 04, 2004 at 06:09:56PM +0200, Ed White wrote:
>
> > Who's right ?
>
> There's no contradiction that I
change your pass in rule to quick or move the rule beneath your block in
rule
--
clint
Cryptek, Inc.
Mipam wrote:
On Sun, 3 Oct 2004, Peter Matulis wrote:
> > Output from pflog0:
> >
> > 4. 422299 rule 1/0(match): block in on wm0: IP (tos
> > 0x0, ttl 242, id
> > 58380, offset 0, flags [DF],
On Sun, 3 Oct 2004, Peter Matulis wrote:
> > Output from pflog0:
> >
> > 4. 422299 rule 1/0(match): block in on wm0: IP (tos
> > 0x0, ttl 242, id
> > 58380, offset 0, flags [DF], length: 44, bad cksum
> > d0ab (->2145)!)
> > 129.128.5.191.20 > 82.161.169.153.55674: S [tcp sum
> > ok]
> > 69399152
On Mon, 4 Oct 2004, Csillag Tamas wrote:
> Does anyone have a version that works with 3.6 too?
> (mine does not even compile)
Anchors changed in 3.6, that's why 0.91 does not compile.
But the new ftpsesame version is almost ready for a release. I'll
probably put it up this week.
--
Cam
On 10/04, Henrik Bro wrote:
> I am new to openbsd and ftpsesame.
>
> How do I get ftpsesame to start on boot?
>
> Regards Henrik
If this topic came up let me ask:
Does anyone have a version that works with 3.6 too?
(mine does not even compile)
--
cstamas
* Ed White <[EMAIL PROTECTED]> [2004-10-04 18:32]:
> On Sunday 03 October 2004 01:10, Camiel Dobbelaar wrote:
> > dhcpd (like tcpdump) uses bpf/libpcap, which gets a copy of the network
> > data before pf does. This means you cannot use pf to filter what gets to
> > dhcpd.
>
> Quoting from here:
On Mon, Oct 04, 2004 at 06:09:56PM +0200, Ed White wrote:
> Who's right ?
There's no contradiction that I can see, just inprecision :)
You have to distinguish bpf listeners and raw socket readers vs. raw
socket writers on input vs. output paths.
On the input path you have
wire --> nic --> bp
* Daniel Hartmeier <[EMAIL PROTECTED]> [2004-10-04 18:28]:
> On Mon, Oct 04, 2004 at 08:29:06AM +0200, Björn Ketelaars wrote:
>
> > A simple solution to this problem would be to remove wi0 from
> > dhcpd.interfaces, but I wonder; is it 'wise' to give daemons the option to
> > 'bypass' pf?
>
> It
On Sunday 03 October 2004 01:10, Camiel Dobbelaar wrote:
> dhcpd (like tcpdump) uses bpf/libpcap, which gets a copy of the network
> data before pf does. This means you cannot use pf to filter what gets to
> dhcpd.
Quoting from here: http://www.onlamp.com/lpt/a/4839
Federico: If I'm not wrong,
On Mon, Oct 04, 2004 at 08:29:06AM +0200, Björn Ketelaars wrote:
> A simple solution to this problem would be to remove wi0 from
> dhcpd.interfaces, but I wonder; is it 'wise' to give daemons the option to
> 'bypass' pf?
It boils down to whether you want bpf to see incoming packets before they hi
On Mon, 4 Oct 2004, Henrik Bro wrote:
> I am new to openbsd and ftpsesame.
>
> How do I get ftpsesame to start on boot?
I use /etc/rc.local:
if [ -x /usr/local/bin/ftpsesame ]; then
echo -n ' ftpsesame'; /usr/local/bin/ftpsesame -i em0
fi
Ahh.. how would _any_ software that uses IP (TCP or UDP) be able to
"bypass" pf? Doesn't pf operate at layer 2 and 3? AFAIK, DHCP still
ends up heading out of the client or server over the network as UDP
packets on ports 67 & 68. eg:
http://www.dhcp-handbook.com/dhcp_faq.html#wppdd
Andrew
--- B
I am new to openbsd and ftpsesame.
How do I get ftpsesame to start on boot?
Regards Henrik
> Does your dhcpd server listen on wi0 ?
>
> /Sigfred
>
>
> On Saturday 02 October 2004 18.28, you wrote:
>> I'm trying to block wireless clients in using my DHCP-server. The
>> problem is that these clients are still able to retrieve IP-information
>> from the DHCP-server. If I understand the here
14 matches
Mail list logo
