eric wrote:
On Tue, 2005-06-07 at 22:05:33 -0700, craSH proclaimed...
tcpdump is pretty much just for inspecting the headers of packets, to
capture data and entire sessions, snort would be a good tool to use.
Wow, quit spreading bad information.
tcpdump(8) is to capture packets, in full or
I use tcpdump to trouble-shoot my firewall, set up my rules, etc. I
found the -x option which dumps the packet in hex. Can I view the
packet data with tcpdump or do I need to install Ethereal or something?
Any help is appreciated.
rvb
Renato wrote:
why I can see these arp request?
192.168.205.0 is my internal network and I don't want that from
external network sameone could loock at my internal address ...
Renato,
As far as I know (and from what I've read) this is normal and nothing
to be alarmed about. Also, I think if someon
Kevin wrote:
On Sun, 30 Jan 2005 15:41:41 -0600, Rick Barter <[EMAIL PROTECTED]> wrote:
Kevin wrote:
I do not think this is technically possible without extensive effort,
nor desirable. The 'ident' (auth, tap, TCP/113) protocol is no longer
very useful for the original purpose,
Kevin wrote:
I do not think this is technically possible without extensive effort,
nor desirable. The 'ident' (auth, tap, TCP/113) protocol is no longer
very useful for the original purpose, but it is still required by IRC servers.
Many systems and firewalls, including OpenBSD (via the '-H' flag),
I have been racking my brain and reading, but can't figure out how to
setup pf to pass or rdr ident requests to the the proper client
(behind the firewall) that is trying to connect to an irc server. I
want to rdr the auth (port 113) request coming into my firewall to
whichever machine is tryi
R T wrote:
Yeah, dns wasnt set on the laptop, not too bright today. Its working fine now.
Now to learn about making it an actual firewall :) Thanks guys for the help!
R.T.
No problem, RT. Good luck.
rvb
R T wrote:
Hello folks. Im trying to get my OpenBSD 3.5 machine set up as a router. Heres
the info so far:
xl0 network card getting dhcp address from my isp
ep1 network card hooked to my laptop 192.168.1.1 netmask 255.255.255.0
Well, first thing's first. If 192.168.1.1 is the IP of ep1, does y
jared r r spiegel wrote:
Why would I not see the dropped packets in my log file (pflog0).
in this case i think you would. i looked back at the original
pf.conf you posted that the other fellow replied to and the
'block all' didn't have the "$log_flg" in it (cute idea, btw)...
Thanks. Wh
jared r r spiegel wrote:
yup. by seeing what was dropped.
i _always always always_ keep "block return log all" as the first real
rule in my pf.conf. whether or not you want to return or drop is of
course a matter of taste ( i do drop some things later in a more
specific rule ), and whe
Michael Erdely wrote:
You're doing a "block all" and then aren't allowing esp traffic out.
Try adding the following with your tcp, udp and icmp pass out rules:
pass out $log_flg on $ext_if proto esp all keep state
When troubleshooting something like this, it may be useful to to add
"log" to your de
Okay. I have a problem that I can't get my brain around and I need
some help. My wife needs to connect to her VPN at work. I've
captured packets for her connection and see that it's connecting to
her work server on ports 53 (dns) and 500 (isakmp).
I have been doing a lot of reading (Artymiak
12 matches
Mail list logo