bit.listserv.openbsd-pf Google Group

Re: german t-com´s vdsl

axel....@chaos1.de (Axel Rau) — Sat, 07 Nov 2009 13:25:47 UT

Am 07.11.2009 um 07:08 schrieb Tobias Wigand:
Did you have a look at XORP
[link]
?
So, your linux box is not involved in none-IPTV traffic via VDSL?
Axel
---
axel....@chaos1.de PGP-Key:29E99DD6 +49 151 2300 9283 computing @
chaos claudius

Re: german t-com´s vdsl

li...@underscore.de (Tobias Wigand) — Sat, 07 Nov 2009 13:09:43 UT

Hi,
Yes I had but there was no IGMP Proxy functionality. It was on the TODO
list though.
It just does Multicast Routing / IGMP proxying, announces the few nets
that have to be routed via Vlan8 dynamically and firewalls itself with
user unfriendly IPTables ;)
On a sidenote, I would order the cheapest IPTV VDSL offer. The others

Re: german t-com´s vdsl

li...@underscore.de (Tobias Wigand) — Sat, 07 Nov 2009 06:48:05 UT

Assuming the same technical infrastructure is used for that offer: yes.
I have always found the guys at the onlinekosten.de forum to be very
helpful, maybe you can ask there to know for sure.
Never tried that.
Anyway the HowTo is outdated and does not work anymore for IPTV. Vlan8
is used for Multicast now and the required IGMP version is v3 there.

Re: german t-com´s vdsl

axel....@chaos1.de (Axel Rau) — Thu, 05 Nov 2009 10:06:51 UT

Am 22.01.2008 um 09:12 schrieb Tobias Wigand:
2 questions come into mind:
- Does the new IP-only (w/o IPTV) offer (started in Sep-2009 by German
Telekom)
still requires the vlan setup?
- How does the vlan setup interferes with a carp/pfsync configuration?
Axel
---
axel....@chaos1.de PGP-Key:29E99DD6 +49 151 2300 9283 computing @

Virgin Hate: Virgin Forced Clips

woodsonpec...@gmail.com (peck Woodson) — Tue, 03 Nov 2009 12:35:00 UT

============================== ============================== =============
========= My sister lose her virginity with me (video)
=========
VVVVVVVVVVVVVVVVVVVVVVVVVVVVVV VVVVVVVVVVVVVVVVVVVVVVVVVVVVVV VVVVVVVVVVVV
========= ENTER HERE:
=========
========= [link]

Re: syntax error while using scrub with OpenBSD 4.6

stephan.ricka...@startek.ch (Stephan A. Rickauer) — Wed, 28 Oct 2009 13:07:12 UT

[link]

Re: syntax error while using scrub with OpenBSD 4.6

pe...@bsdly.net (Peter N. M. Hansteen) — Wed, 28 Oct 2009 13:06:37 UT

Yes, you've hit the one small flag day change in OpenBSD 4.6 - try
match in all scrub (reassemble tcp)
or some variation (some other parameters are possible). It's in the
official docs, but not all the other resources out there that your
favorite search engine will turn up have caught up with the news yet.

Re: syntax error while using scrub with OpenBSD 4.6

rob...@openbsd.pap.st (Robert) — Wed, 28 Oct 2009 12:48:44 UT

On Wed, 28 Oct 2009 00:29:58 -0700 (PDT)
The way to use scrub has changed for 4.6.
"scrub" is now an option to a normal rule.
match in all scrub
[link]
- Robert

Re: syntax error while using scrub with OpenBSD 4.6

rob...@openbsd.pap.st (Robert) — Wed, 28 Oct 2009 09:41:56 UT

On Wed, 28 Oct 2009 01:10:08 -0700 (PDT)
remove "fragment" as that's not a supported option in the scrub context.
have a look at the pf.conf manpage.
- Robert

syntax error while using scrub with OpenBSD 4.6

haldur...@yahoo.com (Micha Holzmann) — Wed, 28 Oct 2009 08:37:52 UT

Hello all,
[ the formerly post was not complete because of my web-session was crashed ].
i am fairly new to OpenBSD. I use it for a home router and firewall.
Following the recommendations, i want to use the scrub keyword.
But regardles how i write it into the pf.conf and check it with pfctl
i get a syntax error message.

syntax error while using scrub with OpenBSD 4.6

haldur...@yahoo.com (Micha Holzmann) — Wed, 28 Oct 2009 08:19:06 UT

Hello all,
i am fairly new to OpenBSD. I use it for a home router and firewall.
Following the recommendations, i want to use the scrub keyword.
But regardles how i write it into the pf.conf and check it with pfctl
i get a syntax error message.
I tried several syntax:
scrub all
scrub in all
After using google and other ressources for hours i found a changeset

Using PF on Multiple Gateways

manpa...@yahoo.com (M E) — Wed, 21 Oct 2009 12:29:56 UT

hello ,
I wondered if anyone could assist me in writing a simple packet filter firewall on my OpenBSD v4.5.
All I intend doing is to have two firewalling machine on a separate network :
192.168.1.1
ext_if = xl0 (dhcp) // Internet interface
int_if=xl1 // Internatl interface
192.168.2.20

TCP Sequence numbers changing

oli...@bittern.org.uk (Oliver Humpage) — Mon, 12 Oct 2009 16:02:01 UT

Hi,
I have a suspicion that route-to is changing sequence numbers on TCP packets.
My pf-based router is set up so that packets travelling between
internal hosts and the internet get routed through a separate IPS box:
imagine the IPS as basically a plugin to the router, and packets get
temporarily diverted through it on their way out.

Re: access to outlook web access through Openbsd

gernot.poer...@web.de (Gernot Poerner) — Thu, 08 Oct 2009 06:55:22 UT

and has that server a default gateway (your openbsd box)?
Michael K. Smith - Adhost schrieb:

RE: access to outlook web access through Openbsd

mksm...@adhost.com (Michael K. Smith - Adhost) — Wed, 07 Oct 2009 16:57:35 UT

Hello John:
Those rules look fine. Do you have a corresponding nat statement so
that the traffic going back out is NAT'd to a routable address?
Regards,
Mike