rules have:
pass out quick on enc0 from 192.168.1.32 to any
pass in quick on enc0 from any to 192.168.1.32
I haven't added any block rule yet, but have added the following rule:
pass out quick on enc0 fastroute from any to any
also I tried this:
pass out quick on enc0 route-to
> It could confuse a NIDS.
> However, luckily, this is an option so if the firewall man turns it on, he'll
> probably talk with the NIDS man.
lol. I wrote that part of the scrubber. I also write IDSes for a
living.
IDSes *must* not be sensitive to increases in ttl. But the hard part is
what to
On Tuesday 03 June 2003 20:09, Sigfred Håversen wrote:
> > > reassemble tcp will raise the TTL
> > > of all packets back up to the highest value seen on the connection.
>
> Newbie question : In what way is this dangerous?
It could confuse a NIDS.
However, luckily, this is an option so if the fire
On Tuesday 03 June 2003 19:45, Ed White wrote:
> On Monday 02 June 2003 21:24, Dries Schellekens wrote:
> > ttl Neither side of the connection is allowed to reduce
> > their IP TTL. An attacker may send a packet such that it reaches
> > the firewall, affects the firewall state, and ex
On Monday 02 June 2003 21:24, Dries Schellekens wrote:
> ttl Neither side of the connection is allowed to reduce their
>IP TTL. An attacker may send a packet such that it reaches
>the firewall, affects the firewall state, and expires
>be
64, hiding a variety of OSes on the network
> 'ttl +1' increment it by 1, hiding this firewall and an inner or outer router
> 'ttl 0' aka fastroute
If you want to have a hidden firewall, you should make it a bridge.
PF already has some way to adjust the
Hi,
After a bit of experimenting around with fastroute, I found that setting it
on an outbound rule was bad. It locks up the machine. Using it on inbound
rules seems to work as expected.
It would be great if the parser would pick this up, not allowing the ruleset to be
loaded. Some doco to
On Thu, Oct 03, 2002 at 08:30:36PM -0700, Marco grigull wrote:
> I am wondering if there is a fastroute function in pf.
> I have not found it in pf documentation anywhere.
>
> I am using 3.1 release.
Yes, it was introduced in 3.1, and it's documented in pf.conf(5).
ROUT
Note: resent message attached.
--- Begin Message ---
Hi packet gurus.
I am wondering if there is a fastroute function in pf.
I have not found it i
Hi packet gurus.
I am wondering if there is a fastroute function in pf.
I have not found it in pf documentation anywhere.
I am using 3.1 release.
I ask because I want to fastroute my isp's multicast
streams beyond my NAT box.
Cheers
Marco
10 matches