Gmail Calendar Documents Reader Web more »
Recently Visited Groups | Help | Sign in
Google Groups Home
bit.listserv.openbsd-pf
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
syntax error while using scrub with OpenBSD 4.6
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   6 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Micha Holzmann  
View profile  
 More options Oct 28, 7:19 pm
Newsgroups: bit.listserv.openbsd-pf
From: haldur...@yahoo.com (Micha Holzmann)
Date: 28 Oct 2009 01:19:06 -0700
Local: Wed, Oct 28 2009 7:19 pm
Subject: syntax error while using scrub with OpenBSD 4.6
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Hello all,

i am fairly new to OpenBSD. I use it for a home router and firewall.
Following the recommendations, i want to use the scrub keyword.

But regardles how i write it into the pf.conf and check it with pfctl
i get a syntax error message.

I tried several syntax:

scrub all
scrub in all

After using google and other ressources for hours i found a changeset
which describes


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Micha Holzmann  
View profile  
 More options Oct 28, 7:37 pm
Newsgroups: bit.listserv.openbsd-pf
From: haldur...@yahoo.com (Micha Holzmann)
Date: 28 Oct 2009 01:37:52 -0700
Local: Wed, Oct 28 2009 7:37 pm
Subject: syntax error while using scrub with OpenBSD 4.6
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Hello all,

[ the formerly post was not complete because of my web-session was crashed ].

i am fairly new to OpenBSD. I use it for a home router and firewall.
Following the recommendations, i want to use the scrub keyword.

But regardles how i write it into the pf.conf and check it with pfctl
i get a syntax error message.

I tried several syntax:

scrub all
scrub in all

After using google and other ressources for hours i found a changeset
which describes scrub to use

match in all scrub (random-id fragment reassemble tcp)

If i try to activate this, i got a syntax error. What have i done wrong?

Best regards


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Robert  
View profile  
 More options Oct 28, 8:41 pm
Newsgroups: bit.listserv.openbsd-pf
From: rob...@openbsd.pap.st (Robert)
Date: 28 Oct 2009 02:41:56 -0700
Local: Wed, Oct 28 2009 8:41 pm
Subject: Re: syntax error while using scrub with OpenBSD 4.6
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
On Wed, 28 Oct 2009 01:10:08 -0700 (PDT)

remove "fragment" as that's not a supported option in the scrub context.
have a look at the pf.conf manpage.

- Robert


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Robert  
View profile  
 More options Oct 28, 11:48 pm
Newsgroups: bit.listserv.openbsd-pf
From: rob...@openbsd.pap.st (Robert)
Date: 28 Oct 2009 05:48:44 -0700
Local: Wed, Oct 28 2009 11:48 pm
Subject: Re: syntax error while using scrub with OpenBSD 4.6
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
On Wed, 28 Oct 2009 00:29:58 -0700 (PDT)

The way to use scrub has changed for 4.6.
"scrub" is now an option to a normal rule.

match in all scrub

http://www.openbsd.org/faq/upgrade46.html#newPF

- Robert


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Peter N. M. Hansteen  
View profile  
 More options Oct 29, 12:06 am
Newsgroups: bit.listserv.openbsd-pf
From: pe...@bsdly.net (Peter N. M. Hansteen)
Date: 28 Oct 2009 06:06:37 -0700
Local: Thurs, Oct 29 2009 12:06 am
Subject: Re: syntax error while using scrub with OpenBSD 4.6
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author

Micha Holzmann <haldur...@yahoo.com> writes:
> But regardles how i write it into the pf.conf and check it with pfctl
> i get a syntax error message.

> I tried several syntax:

> scrub all
> scrub in all

Yes, you've hit the one small flag day change in OpenBSD 4.6 - try

match in all scrub (reassemble tcp)

or some variation (some other parameters are possible). It's in the
official docs, but not all the other resources out there that your
favorite search engine will turn up have caught up with the news yet.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Stephan A. Rickauer  
View profile  
 More options Oct 29, 12:07 am
Newsgroups: bit.listserv.openbsd-pf
From: stephan.ricka...@startek.ch (Stephan A. Rickauer)
Date: 28 Oct 2009 06:07:12 -0700
Local: Thurs, Oct 29 2009 12:07 am
Subject: Re: syntax error while using scrub with OpenBSD 4.6
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author

http://www.openbsd.org/faq/upgrade46.html#newPF

    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2009 Google