Mipam wrote:
Hi All,
A small internal network is defined to be able to send traffic outside:
outside = { a.b.c.d }
special = { 10.23.145.10 }
internal = { 10.23.145.0/24, !10.23.145.10 }
nat on fxp0 from $internal to any - $outside
binat on fxp0 from $special to any - $outside
Meaning of
On Tue, 16 May 2006, [ISO-8859-1] Per-Olov Sjöholm wrote:
Mipam wrote:
Hi All,
A small internal network is defined to be able to send traffic outside:
outside = { a.b.c.d }
special = { 10.23.145.10 }
internal = { 10.23.145.0/24, !10.23.145.10 }
nat on fxp0 from $internal to
On 5/10/06, Vas Péter [EMAIL PROTECTED] wrote:
Ooops. Well, it was quick and dirty. You'd have to figure out a way to kill
logged in users too.
This seems simple.
pfctl -k a.b.c.d
Also, I have a tool that lets you create firewall rules which time
out at a particular time.
It's called
I'm a newbie at networking and I've been reading Building Firewalls
with OpenBSD and PF and a couple of other resources. I have a pdf of
how I'm thinking about setting up my home network.
http://tyson.homeunix.org/net.pdf
Page 2 gives the policies/functionality I would like to have. I want
the
Daniel Hartmeier wrote:
Here's a major update to pfstat. The most important changes:
Im getting some very strange numbers out of this now, number of states
for example, are shown to be around seven thousand in the graph,
while pfctl shows only 680. Most other values are just plain off.
The
On Tue, May 16, 2006 at 06:15:13PM +0200, Jonas Davidsson wrote:
Im getting some very strange numbers out of this now, number of states
for example, are shown to be around seven thousand in the graph,
while pfctl shows only 680. Most other values are just plain off.
That's via the remote TCP
On 5/16/06, Terry [EMAIL PROTECTED] wrote:
Page 2 gives the policies/functionality I would like to have. I want
the system to be secure but I would also like to be able to admin the
system from the outside.
You want your cake AND you want to eat it? Ambitious!
Mostly, there is the threat of
Thanks for the feedback!
An update is on http://www.benzedrine.cx/pfstat-2.1.tar.gz
MD5 (pfstat-2.1.tar.gz) = 82bcef47cca25b3ff28a4628ccaee26b
* properly count line numbers when parsing configuration file,
so syntax error messages refer to the appropriate line
* support # comments in the
On Tue, May 16, 2006 at 11:41:51AM -0500, Travis H. wrote:
You want your cake AND you want to eat it? Ambitious!
Perhaps a little too ambitious for my level of experience. ;p
snip
Thanks for the input. I think I'll simplify the plan a little till I
can get more experience with pf.
--
Terry