ystem in question is FreeBSD 5.4 with GENERIC kernel.
I was not able to find any postings specifically relevant to this
issue save the above mentioned post. Possibly the Pf code in
FreeBSD 5.4 predate the inclusion of "set skip on" ?
Thanks,
Joe
Okay, this is probably a really dumb question, but I
can't figure out how to control the upload bandwidth
of users in a NAT situation. It's a totally trivial
setup:
- -
Using PF for NAT, PPPoE on the obsd box (WAN
connection of the obsd box has a single public IP).
Create some queues... cont
IM is using 5190 when it connects? It can also use 80 to
connect to the AOL IM server.
Log on to your AOL IM account and run this on your firewall:
pfctl -ss
That will show you what port it's connecting to.
HTH,
Joe
tting through that shouldn't be. After I added an IP to my block list,
some packets still got through (although most do not).
Thanks,
Joe
=
"An eye for an eye soon makes the whole world blind."
--Mahatma Gandhi
ss.
Anybody have any ideas?
Also if you have any comments about my pf rules, please share (but be gentle).
Thanks!
Joe
pf.conf.20041015
Description: pf.conf.20041015
On Sun, Apr 04, 2004 at 02:24:05PM +0200, Daniel Hartmeier wrote:
Hey there,
Thanks for the reply,
> On Thu, Apr 01, 2004 at 04:19:24PM +0100, Joe Warren-Meeks wrote:
>
> >
> >fxp1 | OpenBSD | fxp0
> >
tried binat, rdr, straight nat and various combinations thereof. The
closest i managed was to get the fxp0 -> fxp1 direction working, but the
bitmask was working on the destination address.
Is this possible and any ideas how I can do this?
Thanks for your time and patience
-- joe.
Joe Warr
pf.conf samples I found via Google, but nothing
seems to address this particular issue. I can post the relevant portion of
mine if that's what's needed.
Am I missing something obvious, and/or can someone please give me a helpful
pointer or two?
Thanks!
Joe Pezzillo
Boulder, Colorado USA
ks great. I'm browsing out with my
default route on my cable modem while serving web pages and receiving
mail on a slower dsl line with a static IP address on another interface.
joe
6136 (DF)
Jan 06 21:17:38.638835 rule 44/0(match): in on rl0:
67.92.168.235.20034 > 207.8.3.177.25: F 0:0(0) ack 1 win 26136 (DF)
Jan 06 21:18:38.636961 rule 44/0(match): in on rl0:
67.92.168.235.10589 > 207.8.3.177.25: F 2430806680:2430806680(0) ack
245455123 win 26136 (DF)
joe
process
in any of the logs?
joe
I tried to create a user list with _spamd in it today. I got a syntax
error in the rules using the macro.
works
users="{ root, daemon, joe, tinydns, 62, dnscache, unknown }"
pass out on $static_if proto { tcp, udp } all user $users keep state
doesn't work
users="{ root,
a static IP address on the dsl interface and a default
route
out the cable modem (it is twice as fast).
joe
On Tuesday, December 31, 2002, at 11:10 AM, Ryan McBride wrote:
On Tue, Dec 31, 2002 at 10:55:14AM -0600, Joe Nall wrote:
How do you determine which rule matched in -current?
pfctl -vvs rules
That was it, thanks
joe
ock return in quick on dc0 proto igmp all label drop igmp
block return in quick on rl0 proto igmp all label drop igmp
...
I thought pfctl -s rules put the rule number first.
Will tcpdump be modified to report pf labels?
joe
On Thursday, December 26, 2002, at 07:23 AM, Daniel Hartmeier wrote:
On Tue, Dec 24, 2002 at 11:51:21AM -0600, Joe Nall wrote:
No address pools. Criticism welcome.
Can you try with
... reply-to (if addr) ...
where 'if' is the interface and 'addr' the address of
On Tuesday, December 24, 2002, at 11:27 AM, Daniel Hartmeier wrote:
On Tue, Dec 24, 2002 at 10:02:50AM -0600, Joe Nall wrote:
I took the reply-to out of pf.conf and disabled the cable modem and
the
box is fine.
Can you post the significant reply-to to rule here? If it's using
address
./netinet/
ip_input.c:685
#17 0xd023a161 in ipintr () at
/usr/src/sys/arch/i386/compile/GENERIC/../../../../netinet/
ip_input.c:284
#18 0xd0101de8 in Xsoftnet ()
(gdb)
-
) #1: Mon Dec 23 10:37:06 CST 2002
joe@...:/sys/arch/i386/compile/GENERIC
cpu0: AMD Duron ("AuthenticAMD" 686-c
h version of pf has these abilities, and
2) how do i get from where i am now (openbsd 3.1 default install)
to having the version of pf i need.
what is the best way to upgrade? i've read about the
packages / ports, and i cant make heads or tails of it.
Any direction is greatly apprecia
>
> Try "openbsd pf" The first hit is http://www.benzedrine.cx/pf.html
>
That's how I found this list. Google is my best friend.
joe
20 matches
Mail list logo
