Forrest Aldrich wrote:
I've a few geoip orientated tables for which I want to block certain
traffic.
I'm able to match the addresses via pfctl, though the connections from
these IP spaces are still getting through, and I'm puzzled.
I rdr inbound connections to an RFC addressed server. All
Forrest Aldrich wrote:
Cédric Berger wrote:
Forrest Aldrich wrote:
I've a few geoip orientated tables for which I want to block certain
traffic.
I'm able to match the addresses via pfctl, though the connections
from these IP spaces are still getting through, and I'm puzzled.
I rdr
Henrik Gustafsson wrote:
There are a few gotchas here though, at least if I remember my
problems correctly. If you plan to update your table regularly you
will need at least 2x the maximum number of entries in the table
since, at the time you do your refresh, pf will have two copies of
your
Peter wrote:
Can someone please tell me how my webserver LEO is able to respond to
requests? Don't I need to specify an outgoing rule (pass out) for
replies?
Your RDR rule implicitly creates a state, therefore the ruleset is
not evaluated for the webserver reply.
Cedric
nat on $EXT from
Forrest Aldrich wrote:
I've been watching for other instances of this problem. Got one today:
[ EST time ]
61.168.43.84 - - [29/Dec/2005:19:17:59 -0500] GET
http://umsky.com/prx.php?p=q1w2e3r4t5y6u7i8o9p0*a-b HTTP/1.1 404 205
Here are the relevant rules (I posted my full pf.conf
eric wrote:
On Fri, 2005-12-30 at 14:18:32 -0500, Forrest Aldrich proclaimed...
I ran this and got nothing.
I must have done something wrong... ?
Yes, flush and reload the table or IP address into the table. See the pfctl
man page for instructions on how to do this.
Yes, as Daniel said,
The timestamp is reset when you flush and reload the table with
# pfctl -t bruteforce -Ts > /etc/bruteforce
# pfctl -t bruteforce -Tf
# pfctl -t bruteforce -Ta -f /etc/bruteforce
Hmm, that's bad that there is no way to clear address stats without
flushing the table. Actually, there is a
Thitiporn Pornpirunrak wrote:
How could I set multiple routing tables?
I need to set multiple routing tables for each subnet.
Now I have just started using OpenBSD with pf for a few days.
How could I do it?
I don't think you can, unless you use a bunch of route-to
rules.
I have developed a source
Paul Pruett wrote:
That's over 3 million lines, wow. So would that be over 3 million entries
and with the previous example 3,112,763 * 216 = 672 MB
That math correct? And add the smaller spews list, korean china lists
to that also. So how well does pf work with CBL?
There is no way it can