e http connection stalls. Changing the above rule to:
> pass in log quick inet proto tcp to port http modulate state
>
> "fixes" the stall and the header is transmitted by the webserver just
> fine.
Does this happen with hosts other than cds.sun.com?
--
Darrin Chandler
alf-baked python script that you can use as a starting point:
http://phxbsd.com/OpenBSD/mystuff/spf_whitelist.py
--
Darrin Chandler| Phoenix BSD User Group | MetaBUG
[EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/
http://www.stilyagin.com/ | Dae
to other recent commitments I can't participate as I did for the BSD
cert. I do think that a multi-level or "areas of competency" test would
be a nice approach.
--
Darrin Chandler| Phoenix BSD User Group | MetaBUG
[EMAIL PROTECTED] | http://phxbug.org/ | http://metabug.org/
http://www.stilyagin.com/ | Daemons in the Desert | Global BUG Federation
(-vvv) it's the same with or without pf.
Can you tell with -vvv where the delay is happening? Without pf it's 3
secs so everything should be zing, zing, zing. With pf the delays should
be easy to spot with -vvv.
--
Darrin Chandler| Phoenix BSD User Group | MetaB
way down. Pure goodness.
The article I mention is at
http://undeadly.org/cgi?action=article&sid=20061108134508
--
Darrin Chandler| Phoenix BSD Users Group
[EMAIL PROTECTED] | http://bsd.phoenix.az.us/
http://www.stilyagin.com/ |
Okay, nevermind!
After MORE looking I finally found the article on undeadly with simplest
complete configs and it works like a charm. Phew!
Thanks for your patience.
--
Darrin Chandler| Phoenix BSD Users Group
[EMAIL PROTECTED] | http://bsd.phoenix.az.us/
http
here.
Seems that no matter what I do, traffic goes over the bridge and will
not rdr to 127.0.0.1. I tried doing the route-to, etc.
Does anyone have this working, and willing to share the secret? Or I
will gladly post my configs if someone will help!
--
Darrin Chandler| Phoenix BS
es, nat/rdr use the first match
instead of the last. Does something above your "$alias port 80 ->" rule
also match? Perhaps something with ($ext_if)?
--
Darrin Chandler| Phoenix BSD Users Group
[EMAIL PROTECTED] | http://bsd.phoenix.az.us/
http://www.stilyagin.com/ |
ot been attacked, but I've seen the onslaught of botnet scans
(scans of a certain type occuring within a short time from diverse
places).
My conclusion is that your time is best spent securing the network and
individual boxes, and less time blocking drive by shooters (who won't be
back anyw
do this yourself, and you'd want to be
careful!
--
Darrin Chandler| Phoenix BSD Users Group
[EMAIL PROTECTED] | http://bsd.phoenix.az.us/
http://www.stilyagin.com/ |
ce bit about this in the FAQ. Look for "reflection" if I
recall correctly...
--
Darrin Chandler| Phoenix BSD Users Group
[EMAIL PROTECTED] | http://bsd.phoenix.az.us/
http://www.stilyagin.com/ |
11 matches
Mail list logo