RE: VPN over PF..

2006-05-02 Thread Roy Morris
you definitely want to read the FAQ and at the very least .. isakmpd (8) - ISAKMP/Oakley a.k.a. IKE key management daemon isakmpd.conf (5) - configuration file for isakmpd isakmpd.policy (5) - policy configuration file for isakmpd ipsec (4) - IP Security Protocol ipsecadm (8) - interface to set up IP

RE: keep state clarification on OpenBSD 3.9 (snapshot) Dual proc PowerEdge 1850 3 NIC

2006-04-20 Thread Roy Morris
> On 04/20/2006 12:57:23 PM, Prabhu Gurumurthy wrote: > > > > As I understand the working of the rule set that I have written, > > again please correct me if I am wrong, the rule matching/allowing the > > inbound on DMZ, again should have an outbound rule set allowing on > > Internet, is this

RE: is there a way to say "from or to" some host?

2006-04-19 Thread Roy Morris
> Just curious. tcpdump has the handy "host blah" syntax, where it > implies src or dst. > > Some of my rules could be simplified with a "from or to" sort > of syntax. > > If it doesn't exist, I'll put it on my "to code some day" list. > -- huh? - I must be misreading/understanding the questi

RE: AT&T CallVantage VoIP and pf?

2005-11-28 Thread Roy Morris
have you tried looking under SIP? > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > Doug Er > Sent: Friday, November 25, 2005 9:25 PM > To: pf@benzedrine.cx > Subject: AT&T CallVantage VoIP and pf? > > > I got the VoIP adapter, a D-Link DVG-1120M, fo

Re: rdr pass, max-src-conn

2005-09-07 Thread Roy Morris
add port xyz to the end of your example 10.10.10.10 port xyz ed wrote: Hello, I am having troubles with some rdr rules. How should I specify: rdr pass on $ext_if proto tcp from any to 1.2.3.4 port 80 -> 10.10.10.10 with pass in on $ext_if proto tcp from any to $range port {80,3389} keep st

Re: help

2005-09-06 Thread Roy Morris
sure use the negative from ! ip [EMAIL PROTECTED] wrote: Hi to all I have an important question: it's possible to define a filter that has as srcaddr or dstaddr all ip-addresses different from a host or a subnet? thanks Luca 6X v

Re: viewing packet data with tcpdump?

2005-06-08 Thread Roy Morris
craSH wrote: tcpdump is pretty much just for inspecting the headers of packets, to capture data and entire sessions, snort would be a good tool to use. It can be run on the command line in a way similar to tcpdump and dump complete data to a pcap file for later inspection with tools such as ethe

Re: ranges within a table ... is it possible ?

2005-04-20 Thread Roy Morris
alex wilkinson wrote: Hi all, Is it possible to specify a range within a table ? e.g. table const { 8000 >< 8999 } I get a syntax error for the aforementioned table, so can anyone suggest a method for what I'm trying to achieve ? Cheers - Alex why not put the table first and the ports in the ru

RE: State searches sky rocket / Firewall dies

2005-01-12 Thread Roy Morris
I use max-src-conn in production and it works fine. Just don't be too tight on the numbers > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > Chris Cameron > Sent: January 12, 2005 1:46 PM > To: pf@benzedrine.cx > Subject: Re: State searches sky rocket

RE: help with a pf rule

2004-12-28 Thread Roy Morris
you posted this on misc@ already. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > Jayel Villamin > Sent: December 28, 2004 11:43 AM > To: pf@benzedrine.cx > Subject: help with a pf rule > > > I have been looking at this tcpdump log for the last ho

RE: pf port knocking

2004-12-17 Thread Roy Morris
> not trying to speak for ed, but IMHO...it's dumb because any > yahoo with > a local account on a machine can create a listening socket on > a port >= > 1024. Anyone can create a socket above 1024 anyway, regardless .. this has nothing to do with ssh. If you are running a server, full of users

RE: pf port knocking

2004-12-17 Thread Roy Morris
change your ssh port to like 30222 or something .. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of > A > Sent: December 17, 2004 12:12 AM > To: [EMAIL PROTECTED] > Subject: pf port knocking > > > Hey all > > I am getting tired of seeing the follow