Re: Redundant Bridging Firewall

2005-01-21 Thread Russell Fulton
On Fri, 2005-01-21 at 12:48 -0800, Dylan Martin wrote: > My redundant bridging firewall don't work no more with 3.6! > > As background, the bridge interfaces have 'learn' disabled. That means, > they never cache information about which interface a packet came from. > (The inactive bridge would t

Redundant Bridging Firewall

2005-01-21 Thread Dylan Martin
My redundant bridging firewall don't work no more with 3.6! Hi folks, a while back I set up a redundant bridging firewall and I wrote up a web page describing how it works. Well, now that I've upgraded to 3.6, I've discovered it doesn't work any more. So! If you were going to follow the directi

Re: Using DNS names in pf.conf?

2005-01-21 Thread Trevor R.H. Clarke
Henning Brauer wrote: * Kevin <[EMAIL PROTECTED]> [2005-01-19 21:41]: Are there any "gotchas" I should know about when using dns names in pf.conf, specifically in tables used as destinations for permit rules? well, if DNS is not available by the time pfctl tries to load your pf.conf you're pretty

Re: pf: messages /bsd: pf_map_addr: selected

2005-01-21 Thread marc gmx
I do the same test on a FreeBSD 4.8-p17, IP Filter: v3.4.31. There is no lost of packets. I change my perl script to send more slowly the snmp packets. With 100 000 packets in 31 seconds, 82599 are received. With 100 000 packets in 89 seconds, 5 are received !!! Some help ? Here my perl scri

Re: First time user comments

2005-01-21 Thread Jason Opperisano
On Thu, 2005-01-20 at 17:05, Peter Fraser wrote: > The very broad: I don't understand why there is separate configuration > files for bridges and routing and packet filtering. routing and bridging are two separate things. > Now for the picky ones. > > Could the "syntax error" message, give the p

Re: Using DNS names in pf.conf?

2005-01-21 Thread Siju George
On Thu, 20 Jan 2005 14:33:00 +0100, Henning Brauer <[EMAIL PROTECTED]> wrote: > * Kevin <[EMAIL PROTECTED]> [2005-01-19 21:41]: > > Are there any "gotchas" I should know about when using dns names in > > pf.conf, specifically in tables used as destinations for permit rules? > > well, if DNS is not

Re: First time user comments

2005-01-21 Thread Henning Brauer
* Peter Fraser <[EMAIL PROTECTED]> [2005-01-21 00:54]: > Could the "syntax error" message, give the position in the line that the > error occurred, or at least the token that caused it. no - that is not how parsers work. syntax error actually says it didn't match any production from the grammar.