Hi
I have seen strange issues with my firewall environment. It has the following
9 interfaces:
Internet - em1 (dual intel pci-e)
lan - em0 (dual intel pci-e)
pfsync - em2 (dual intel pci-x)
dmz1 - em3 (dual intel pci-x)
dmz2 - bge0 (server build in broadcom)
dmz3-6 - sis0-4 (soekris pci quad)
Hello Everybody,
Faced like a lot of you with ssh bruteforce automated
attempts on my OpenBSD 3.8 box, I searched the web to
see what others did to protect themselves against
this.
I made the same, forbiding ssh connections with
password and opting for public key authentication, but
that was of
Tr0go wrote:
Hello Everybody,
Faced like a lot of you with ssh bruteforce automated
attempts on my OpenBSD 3.8 box, I searched the web to
see what others did to protect themselves against
this.
I made the same, forbiding ssh connections with
password and opting for public key
I had a similar issue. I ended up using net.inet.carp.preempt=1 on the
primary firewall and net.inet.carp.preempt=0 on the secondary.
If the primary has an issue, the secondary becomes the master on all
interfaces. I must confess I haven't fully tested the configuration.
-Steve S.
[EMAIL