Bill Swisher wrote:
After reading over the pf-faq.pdf file I have, at this time, one
question. The home/small office example assumes that the internet lives
off of ep0. In my case this is partially true. What really is there
is a router running on the network 192.168.2.* (my internal
On Tue, Jun 21, 2005 at 08:23:49PM -0400, Jason Dixon wrote:
On Jun 21, 2005, at 6:24 PM, Bill Swisher wrote:
After reading over the pf-faq.pdf file I have, at this time, one
question. The home/small office example assumes that the internet
lives off of ep0. In my case this is partially
Hi all,
I have a very simple setup. One soekris that is acting as firewall
and router
between two private networks. The rules are quite simple, and are
suppose
to only let the traffic for a few ports to past form the DMZ to the
App Zones and
vice-versa.
I don't understand what I am doing
Jaime Vargas wrote:
pass out log all
You probably want keep state on the pass out rule. The SYN/ACK reply
from $app_net isn't being allowed in this ruleset. You can see that in
your tcpdump capture below:
02:08:14.260021 rule 0/0(match): block in on sis1: 192.168.100.52.51011
On Jun 21, 2005, at 10:00 PM, Jason Opperisano wrote:
priv_nets = { 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8,
!192.168.2.0/24 }
i'm certainly missing something here, as i am somewhat new-ish to pf
(long time with ipf, though)...
the above macro definition of priv_nets will
One thing to note on a semi-related topic is that when specifying
subnets in tables, as of 3.7-RELEASE, subnets that weren't /24 (or
probably /16 or /8) didn't work. I had a /22 subnet which didn't work
where specifying the 4 class C's using /24 did. I mentioned it before
but it was either
Jason Dixon wrote:
On Jun 21, 2005, at 6:24 PM, Bill Swisher wrote:
After reading over the pf-faq.pdf file I have, at this time, one
question. The home/small office example assumes that the internet
lives off of ep0. In my case this is partially true. What really
is there is a router
On Tue, Jun 21, 2005 at 09:16:16PM -0400, Jaime Vargas wrote:
Hi all,
I have a very simple setup. One soekris that is acting as firewall
and router between two private networks. The rules are quite simple,
and are suppose to only let the traffic for a few ports to past form
the DMZ to the
Hi,
I have two FreeBSD 5.4-stable i386 boxes running PF in the typical
failover configuration: one external interface, one internal, one
sync. I also have softflowd running on the internal interface of both
systems, to capture traffic flow information.
About a week and a half ago, I started
US$22.Million Mission
Musa mamadu
[EMAIL PROTECTED]
Dear Friend,
I am Mr.Musa mamadu, a merchant in Dubai, Arab Emirate. I have been
diagnosed with Cancer which was discovered very late due to my laxity
in caring for my health. It has defiled all forms of medicine. Right
now I have only
I recently occur strange message from PF on my OpenBSD 3.7 gate
pf BAD state TCP ... ani IP address
ps state failure on 2 | 5
gate work normally 5 months without this error , kernel generic
What is mean and how to resolve it ?
* Kelley Reynolds [EMAIL PROTECTED] [2005-06-22 15:24]:
One thing to note on a semi-related topic is that when specifying
subnets in tables, as of 3.7-RELEASE, subnets that weren't /24 (or
probably /16 or /8) didn't work.
I highly doubt that (and it is the first time I hear this)
12 matches
Mail list logo
