"Melameth, Daniel D." <[EMAIL PROTECTED]> writes:

>> There is a facility on the NETGEAR to send all traffic to an inside
>> machine for whatever reason.  It's called a DMZ Server although I don't
>> think that is the normal usage of DMZ, but not experienced enough to
>> know for sure.
>
> This might not work the way you are expecting it to.  What you really
> want is a device that can mirror a switched port.

Can you enlarge on this a bit... at least a good guess for google strings.


>> At any rate I want to enable that feature and send all traffic to the
>> obsd machine.  I want to see more of what is happening at the actual
>> firewall.  It has poor logging facilities.  None in realtime.  And the
>> fastest is daily by mail unless you want to logon to the router and do
>> the cumbersome scanning by eye with the sorry java based interface.
>> 
>> I don't really want to accept any traffic from the INTERNET via
>> NETGEAR on the obsd box but want to be able to log specific stuff as
>> it hits the pf.conf filter.  I want to start analyzing what is coming
>> at me more.
>
> I know this doesn't answer your question, but, IMHO, I suggest replacing
> that consumer class Netgear device with your OpenBSD box and be done
> with this "whole mess"--then you can do everything you laid out here
> with minimal complexity and far more flexibility.

I'd be comfortable with that if I knew a little more about pf usage.
I'm not experienced with it enough to be sure I'm not leaving some
nasty unexpected hole.  Or some other novice error that could have
more repercussions than I want or know how to deal with.

If taking the chicken way will allow me to learn more about pf, and
enough to not make some stupid novice error that gets me hacked, I
think I'd prefer it.

Is blocking all and logging specific traffic really hard to
accomplish?
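As an added illustration (not from the original thread), here is a small default-deny pf.conf of the kind the question above is asking about. The interface name `em0`, the inside network `192.168.1.0/24`, and the choice of SSH as the one permitted inbound service are assumptions; nothing about the poster's actual network is known. With the NETGEAR "DMZ Server" feature enabled, the OpenBSD box receives the unsolicited inbound packets the router forwards to it, so a ruleset that blocks everything and logs it shows exactly what is arriving at the firewall.

```pf
# /etc/pf.conf -- illustrative default-deny ruleset (added example; the
# interface name and network below are assumptions, not from the post)
ext_if  = "em0"              # interface that faces the NETGEAR
lan_net = "192.168.1.0/24"   # inside network behind the NETGEAR (assumed)

# Do not filter loopback traffic at all.
set skip on lo0

# Default deny in both directions.  "log" sends a copy of every packet this
# rule blocks to the pflog0 interface, where it can be watched in realtime.
block log all

# The box itself may initiate connections; keep state so replies come back.
pass out quick on $ext_if inet keep state

# The only inbound service: SSH from the inside network.  "log" on a pass
# rule records each new connection (the first packet of the state).
pass in log on $ext_if inet proto tcp from $lan_net to ($ext_if) port 22 keep state

# Traffic to watch closely but still drop.  pf uses last-matching-rule-wins
# unless a rule says "quick", so this specific block takes precedence and
# gives these ports their own line in the log.
block in log quick on $ext_if inet proto tcp to ($ext_if) port { 135, 139, 445 }
```

Check the syntax without loading it with `pfctl -nf /etc/pf.conf`, load it with `pfctl -f /etc/pf.conf`, and watch what is being blocked as it happens with `tcpdump -n -e -ttt -i pflog0`; that last command is the realtime view the NETGEAR's daily mail cannot provide. The order matters: the broad `block log all` comes first so that the later, more specific `pass` rules override it for the traffic they name.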
