On Sat, 04 May 2013 13:08:39 -0800, Sioux C. Queue wrote:
The FAQ at OpenSUSE is a fine document. On the page
www.openbsd.org/faq/pf/tables.html I found this or the self keyword. On the
page www.openbsd.org/faq/pf/filter.html I found this table firewall const {
self }. And finally, I think,
Still learning
I am trying to set up a box with two interfaces. I DO NOT want to route
traffic through it.
It is at a site where there are two connections to the net and I want
the testbox to have an address on each of the LANs which are attached
to the routers for those two connections.
On Tue, 20 Jan 2009 13:19:57 +, Stuart Henderson wrote:
On 2009/01/20 22:40, Rod Whitworth wrote:
Still learning
I am trying to set up a box with two interfaces. I DO NOT want to route
traffic through it.
It is at a site where there are two connections to the net and I want
On Sat, 5 Jan 2008 22:35:11 -0800, David Querbach wrote:
I've just recently built an OpenBSD firewall with a CF disk. It works just
fine -- the installation proceeds exactly as for a mechanical disk.
I do, however, use the mfsmount script
On 31 Dec 2005 16:29:34 -0800, Randal L. Schwartz wrote:
Nope. No hostnames. And there's nothing in pf.conf that sets up
anything that DNS would need, anyway. My pf.conf is very simple (I'll
send it by email to anyone who asks, but the security-dude in me says
don't post it to the public),
On Tue, 16 Aug 2005 11:36:18 +0200, Daniel Hartmeier wrote:
I didn't get a single piece of feedback. Without any testing
confirmation, this will not make it into 3.8. If this is important
to YOU, please test it now.
Daniel
For the benefit of the archives:
A smart patch from Daniel fixed the
I have been awake since 0323 and it is now 1950 but I want to get this
thing to shut up before I die/sleep:
I have done quite a few authpf things and they always work. I have a
labrat on my workbench and logging in from another box using an authpf
account gets the usual Hello fred you are
On Fri, 08 Apr 2005 14:13:04 +0200, Peter N. M. Hansteen wrote:
Rod.. Whitworth [EMAIL PROTECTED] writes:
On the target /var/log/messages says:
Apr 8 19:46:20 puffy -authpf: cannot open packet filter device
(Permission denied)
Strange. Could it be your kernel and userland are out of sync
On Fri, 08 Apr 2005 07:01:56 -0600, j knight wrote:
Rod.. Whitworth wrote:
pf.conf with:
anchor /authpf/*
With a leading slash? I'm not sure if this would cause you problems or
not...
That's a long day typo. I had it correctly done in the file.
placed just after a block rule
On Wed, 5 Jan 2005 18:20:10 -0500, brianBOFH wrote:
Hi,
I have two 192.168.1.0/24 networks physically separated. I need to
get connectivity from one to the other and vice versa _without_
renumbering hosts.
That being said - I have an openbsd 3.6 machine with one public and
one private
I recently set up a new firewall and decided to implement
spamd/greylisting for a mailserver on my server network.
(There's a LAN of rfc1918 stuff as well but that's not important here)
After doing the config I decided to go look at what the sending MTA
sees when trying to send mail to my server.
On Wed, 27 Oct 2004 10:28:52 +0200 (CEST), Björn Ketelaars wrote:
If you don't want any PCs on the LAN to access your server but for udp
53 (will mean you can't even SSH into the box) why don't you add
something like:
pass in quick on $int_if proto udp from $int_if:network to $int_if \
On Sat, 2 Oct 2004 11:57:17 +0200, messmate wrote:
Hi,
a sudo pfctl -sr | grep block give me
indeed the 'block drop' as default.
1. But a check on
http://www.grc.com/
give me only 'closed' as result of the ports state.
Why not 'stealth' ??
2. seems a 'set block-policy drop' is a syntax error ??
On Tue, 28 Sep 2004 22:03:55 -0400, Greg Wooledge wrote:
Personally, I prefer not to reveal the usernames behind the client
connections I'm making, so I use nullidentd. It's very simplistic; it
just returns a constant string for all ident requests. (It doesn't
appear to be in ports; I simply
Due to all the people who try to do active FTP with NATted clients
behind pf firewalls doing lots of questioning about why they should
have read the FAQs I find it difficult to construct a query to Mrs
Google about whether it is possible for an active FTP session to happen
from the NAT/Firewall
On Thu, 29 Jul 2004 02:17:46 -0600, jared r r spiegel wrote:
On Wed, Jul 28, 2004 at 12:44:34PM -0700, [EMAIL PROTECTED] wrote:
I have a mail server behind a obsd 3.5 firewall and I am having timeout errors
when I try and send an email with a large (5MB or greater) attachment.
i would have
Bruno Miguel Afonso wrote lots of interesting hints.
Thankyou Bruno, I'll do some work on a system next weekend and put your
hints into practice. It sure looks like it will choke down to dial-up
speed.
What it made me wonder about, that I never thought of before, is what
exactly happens to an
I have read lots of helpful pf.conf examples that seem to do reasonably
complex queueing and that's fine but I am sure there is a simple way to
do what I want.
No Google lead pointed at someone doing just the task described below.
I did STFA here too
In order to demonstrate how slow a webpage
18 matches
Mail list logo