On 10/25/05, Markus Friedl [EMAIL PROTECTED] wrote:
On Mon, Oct 24, 2005 at 02:38:43AM -0500, Travis H. wrote:
Has anyone thought of modeling packet filtering/translation/queueing
as a virtual machine?
BSD/OS ipfw (http://www.pix.net/software/ipfw/)
That site has some good code and links
They would have to have been
really serious about protecting their patent to threaten Sun; remember
that almost all FW1 installations (Checkpoint's cash cow) were dependent
on Solaris boxes.
Perhaps. OTOH, if you don't protect IP, you lose it. That is why so
many warnings about infringement
On Mon, Oct 24, 2005 at 02:38:43AM -0500, Travis H. wrote:
Has anyone thought of modeling packet filtering/translation/queueing
as a virtual machine?
BSD/OS ipfw (http://www.pix.net/software/ipfw/)
did use BPF bytecode for filter rules. Basically
you compile your filter ruleset into BPF bytecode
Has anyone thought of modeling packet filtering/translation/queueing
as a virtual machine?
Checkpoint did it with their inspect scripting and I'm told have a
patent on using a VM in a firewall (no I've never read the patent, no
idea how specific/general it is).
Sun used a BPF-like virtual
Just some feedback on this.. I did get it to work after endless nights ;-)
my rules:
block in log on fxp0 from any to opium
pass in on vlan1 from opium to any tag outgoing keep state queue opium_d_l
pass on fxp0 all tagged outgoing keep state
pass in on fxp0 proto tcp from any to opium port 22
On Sunday, Aug 3, 2003, at 14:30 US/Pacific, Mark Bojara wrote:
When I only have a pass log rule and telnet to 196.4.160.2 53 I get
this:
23:18:54.694500 opium.co.za.4774 apollo.is.co.za.domain: S
4194577793:4194577793(0) win 65535 mss 1460,nop,wscale 0,[|tcp] (DF)
[tos 0x10]
Forgot to
Hello Trevor/Daniel,
Sorry for the late reply, I was on leave. When I only have a pass log rule and
telnet to 196.4.160.2 53 I get this:
23:18:54.694500 opium.co.za.4774 apollo.is.co.za.domain: S
4194577793:4194577793(0) win 65535 mss 1460,nop,wscale 0,[|tcp] (DF)
[tos 0x10]
23:18:54.694504
On Wednesday, Jul 30, 2003, at 16:24 US/Pacific, Mark Bojara wrote:
Here is my tcpdump of pflog0:
Jul 31 01:23:48.272259 rule 1/0(match): block in on fxp0:
196.4.160.2.53 196.34.165.210.1588: S 1318784553:1318784553(0) ack
1889327994 win 65535 mss 1380,nop,nop,timestamp[|tcp]
Jul 31
Hello Ryan,
fxp0 is the uplink interface and xl0 is the interface that the vlan is
connected to. If I tcpdump xl0 I can see traffic from all the vlans on
it.
Regards
Mark
Universe is a big place... perhaps the biggest
On Thu, Jul 31, 2003 at 12:42:10AM +0200, Mark Bojara wrote:
fxp0 is the uplink interface and xl0 is the interface that the vlan is
connected to. If I tcpdump xl0 I can see traffic from all the vlans on
it.
pf and BPF aren't in the same place in packet flow. tcpdump gets packets
much earlier
On Thu, Jul 31, 2003 at 12:26:21AM +0200, Daniel Hartmeier wrote:
I'm not entirely sure, but the assumption that the same packet will be
filtered both on the real and the vlan interface (in both directions)
might just be wrong.
My experience is that the packet will appear on one interface or
Hello Daniel,
Here is my tcpdump of pflog0:
Jul 31 01:23:48.272259 rule 1/0(match): block in on fxp0: 196.4.160.2.53
196.34.165.210.1588: S 1318784553:1318784553(0) ack 1889327994 win 65535
mss 1380,nop,nop,timestamp[|tcp]
Jul 31 01:23:56.876904 rule 1/0(match): block in on fxp0: 196.4.160.2.53