Pf - Private address blocking
Hey all I have a question about blocking private addr. with pf. I have defined the reserved addresses acording to RFC 1918 in a table priv_ip My default rule is : block in on $ext_if block out on $ext_if pass in on $int_if pass out on $int_if 1. With this 2 rules defined is it still recomended to block private addr. If it is then: Computers on my network have IP's from block 192.168.0.0/16 let's say 192.168.1.100 to 192.168.1.105 I make another table called lan What is the correct rule? Do i negate table lan in a rule block in on $ext_if from any to { priv_ip, !lan } block out on $ext_if from { priv_ip, !lan } to any or do i negate ip's in a table like so table lan { !192.168.1.100 , ...} tnx for reply
problem with 003_systrace.patch
Hello all when i apply this patch system asks me File to patch: what should i enter here Bye
ppp.conf
hey all Has anyone got an explanation for this: Example: /etc/ppp/ppp.conf default : set log ... when i run ppp ... i getWarning line 2 missing colon or something like that but when i do this everything is all right and i don't get any warnings /etc/ppp/ppp.conf default: set log ... notice the position of set log Why is that so important -- Welcome to The Zone, where normal things don't happen very often.
DNS setup
Hello all Aprox. 2 weeks ago i posted a question titled web browsing to this list. It was about how to setup NAT on my gateway so intranet computers can access Internet. The current situation is: I have a obsd3.9 box connected to internet using ppp.conf, on the inside i have a winXP box connected to switch, connected to obsd box. The thing that wasn't working was that my XP box couldn't access web pages. I blamed it on pf.conf. But that wasn't the case. Today i tried this: I turned off Pf i will set that up later I checked man ppp and found this info. ...to turn on NAT add this line to ppp.confnat enable yes... . With this line added to ppp.conf things started to work. Now the question : 1. My resolv.conf contains namesservers from my ISP 2. At the begining xp box was setup with DNS parameter pointing to my gateway 192.168.0.1. I could not access Internet, then i changed this parameter to dns server ip of my ISP and things work again. What must i do that things will work with dns parameter set to my gateway ? Are there any security threats with parameters set to dns ip form my ISP ? Will this be a problem when setting up Pf ?
Lenovo notebooks
Hello all Has anyone got experience with Lenovo notebooks running OpenBSD. If you are so kind to share your experience. tnx.