Description:
Discussion of OpenBSD Packet Filter.
|
|
|
pf is blocking too much connections?
|
| |
Hi, I have a openbsd pf firewall protecting a web server, I have noticed that some pages gives me errors when browsing through my site (sometimes it works sometimes not), then I looked at pf and saw that is blocking a lot of connectyions, how do I know which connections is blocking? ...Status: Enabled for 202 days 23:34:57 Debug: Urgent... more »
|
|
|
Filter on specific TTL value?
|
| |
Hi, Is it possible to filter on a specific TTL value? Long story short: there are rogue packets being generated somewhere in our network's core, and I can reliably identify them with a combination of IP TOS, TCP flags and TTL value. I'd like to filter them out with pf if at all possible. Cheers... more »
|
|
|
CBQ download limits failed...
|
| |
Hi all, I'm trying to implement queue using PF in OpenBSD box. The pf.conf looks like: ...ext_if1="fxp0" ext_gw1="217.126.43.2" ...ext_if2="bge1" ext_gw2="192.168.10.1" ...lesmes="192.168.0.121" alejandro="192.168.0.51" xevi="192.168.0.124" santi="192.168.0.49" dominis = "{" $lesmes $alejandro $xevi $santi "}"... more »
|
|
|
Trace packets through PF
|
| |
Hi all, Is there a general way to watch a packet's progress through PF and see when and where it's stopped? Something akin to "packet-tracer" on Cisco maybe? Thanks in advance! -elliott-
|
|
|
Virgin Hate: Virgin Forced Clips
|
| |
============================== ============================== ============= ========= My sister lose her virginity with me (video) ========= VVVVVVVVVVVVVVVVVVVVVVVVVVVVVV VVVVVVVVVVVVVVVVVVVVVVVVVVVVVV VVVVVVVVVVVV ========= ENTER HERE: ========= ========= [link]... more »
|
|
|
syntax error while using scrub with OpenBSD 4.6
|
| |
Hello all, i am fairly new to OpenBSD. I use it for a home router and firewall. Following the recommendations, i want to use the scrub keyword. But regardles how i write it into the pf.conf and check it with pfctl i get a syntax error message. I tried several syntax: scrub all scrub in all After using google and other ressources for hours i found a changeset... more »
|
|
|
Using PF on Multiple Gateways
|
| |
hello , I wondered if anyone could assist me in writing a simple packet filter firewall on my OpenBSD v4.5. All I intend doing is to have two firewalling machine on a separate network : 192.168.1.1 ext_if = xl0 (dhcp) // Internet interface int_if=xl1 // Internatl interface 192.168.2.20... more »
|
|
|
TCP Sequence numbers changing
|
| |
Hi, I have a suspicion that route-to is changing sequence numbers on TCP packets. My pf-based router is set up so that packets travelling between internal hosts and the internet get routed through a separate IPS box: imagine the IPS as basically a plugin to the router, and packets get temporarily diverted through it on their way out.... more »
|
|
|
access to outlook web access through Openbsd
|
| |
I changed OWA to allow anybody in the Exchange folder on the 2003 server. Did not add any security , just wanted to make work before I tightened it up. Updated the pf.conf to redirect to the internal Exchange 2003. Can't seem to get there. Works internally. Openbsd 4.0 rdr pass on $ext_if proto tcp from any to any port 80 -> 192.168.254.99 port... more »
|
|
|
Binat and if macro issue
|
| |
Hi, I may be missing something obvious, but I've a problem with macros for interfaces and binat. OpenBSD 4.4 stable ------------<snip>--------- net_main_if = "vr1" net_stndby_if = "vr2" net_if = "{" $net_main_if $net_stndby_if "}" binat on $net_if inet from $static_intwks_block1 \ to any -> $static_pubwks_block1... more »
|
|
|
|
