hi! how can i block scanners from scanning my network?
thanx.
jp
On Wed, Jan 15, 2003 at 04:03:31PM -0700, Ken Gunderson wrote:
Anyhow, I patched ftp-proxy for reverse and have it up and running.
Question is, how robust is this? (am wondering why it was not merged
into 3.2). Can anyone comment on security/performance comparison
between ftp-proxy
On Tue, Jan 14, 2003 at 10:33:32AM -0700, Ken Gunderson wrote:
configuration is 3 legged routing firewall. ext_if is aliased to a /29
subnet. one of the aliases, ext_ftp_ip resolves to ftp.example.com.
leg 2 is a 192.168.2.0/24 dmz subnet and leg 3 is a 192.168.1.0/24
private network.
On Thu, Jan 16, 2003 at 12:08:04PM +0100, Daniel Hartmeier wrote:
On Wed, Jan 15, 2003 at 04:03:31PM -0700, Ken Gunderson wrote:
Anyhow, I patched ftp-proxy for reverse and have it up and running.
Question is, how robust is this? (am wondering why it was not merged
into 3.2). Can
Hi,
I have a problem with access to an Oracle database over
an OpenBSD PF NAT setup.
We (a particle physics institute) have a Linux cluster for
our computations; the nodes have private IP addresses and
contact the outside world via an OpenBSD/PF NAT machine.
The NAT machine works perfectly fine
On Thu, Jan 16, 2003 at 02:54:29PM +, Steve Schmitz wrote:
Any ideas?
Could be fragments. Can you try with
scrub in on $ext_if all no-df
scrub out on $ext_if all no-df
If you run pfctl -si, do you see any of the 'Counters' at the bottom
increase when you get a stalled connection?
On Thursday 16 January 2003 04:28 am, Daniel Hartmeier wrote:
Forgot to mention that the simple binat solution will of course
require the ftp daemon to send the $ext_ftp_ip address in its replies
inviting passive clients. Several ftp servers have such options, if
yours does, that's the easiest
On Thursday 16 January 2003 04:51 am, Henning Brauer wrote:
On Thu, Jan 16, 2003 at 12:08:04PM +0100, Daniel Hartmeier wrote:
On Wed, Jan 15, 2003 at 04:03:31PM -0700, Ken Gunderson wrote:
Anyhow, I patched ftp-proxy for reverse and have it up and
running. Question is, how robust is this?
Could be fragments. Can you try with
scrub in on $ext_if all no-df
scrub out on $ext_if all no-df
If you run pfctl -si, do you see any of the 'Counters' at the bottom
increase when you get a stalled connection?
Also, can you enable debug loggin (pfctl -x m) and check
/var/log/messages for