Re: top for tcpdump
Look at ettercap. Not exactly what you asked for, but close.. -N On Apr 19, 2006, at 11:08 AM, Michael Grant wrote: Does anyone know of a tool like top that displays the open tcp connections and sorts them by which is causing the most bandwidth? I have someone consuming a lot of bandwidth but with so many tcp connections, I'm not sure who it is. Michael Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to do this?
Look at the apache server. There is .htaccess and other methods of limiting who can see the page. -N On Apr 18, 2006, at 5:39 PM, Gary Kline wrote: Is it possible to set up a GUI app on my web site where only a few people could http to and irc chat with me? This page would not be published. Something like ymessenger, only private. If this seems like a dumb question, it'd because I know virtually zip about things-irc. thanks in advance! gary -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPFW Problems
Hi, I have a system with a 4.11 Kernel. Unless I'm doing something very wrong, there seems to be something odd with ipfw. Take the following rules: ipfw add 00280 allow tcp from any to any 22 out via bge0 setup keep- state ipfw add 00299 deny log all from any to any out via bge0 ipfw add 0430 allow log tcp from any to me 22 in via bge0 setup limit src-addr 2 ipfw add 00499 deny log all from any to any in via bge0 In theory, this should allow in SSH and nothing else. When I install this firewall configuration, I'm locked out of the box. An inspection of the logs shows that rule 499 is being triggered by an attempted incoming connection. Can anybody help? Also, would it be better to upgrade to ipfw2?? If so, how do I do that? Thanks, -N ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW Problems?
I tried it with: ipfw add 00015 check-state I still get locked out :( This is the standard firewall from the openbsd manual (on the website.) I don't understand why it wouldn't work as is. Thanks, -N On Apr 17, 2006, at 4:42 PM, Chuck Swiger wrote: David Wolfskill wrote: On Mon, Apr 17, 2006 at 06:29:13PM -0400, Charles Swiger wrote: [ ...redirected to freebsd-questions... ] Thanks for doing that! It seemed appropriate. :) [ ... ] You don't have a check-state rule anywhere, so you either need to add one or a rule to pass established traffic to and from port 22. I thought check-state was fairly optional; ref: These dynamic rules, which have a limited lifetime, are checked at the first occurrence of a check-state, keep-state or limit rule, and are typ- ically used to open the firewall on-demand to legitimate traffic only. See the STATEFUL FIREWALL and EXAMPLES Sections below for more informa- tion on the stateful behaviour of ipfw. (from man ipfw on a 4.11 system). Yeah...but a rule like from any to any 22 out via bge0 setup keep- state isn't going to match inbound established traffic, right? So the dynamic rule checking doesn't actually fire, so the add 00499 deny log all from any to any rule fires and blocks it. Doing a ipfw add 10 check-state would probably make SSH go for the original poster... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW Problems
Hi, I doing this over an SSH connection, so I can't see console. If I do it wrong, I get locked out and have to initiate a remote reboot. Fun! Thanks! -N On Apr 17, 2006, at 5:10 PM, Paul Schmehl wrote: --On April 17, 2006 2:29:23 PM -0700 Noah Silverman [EMAIL PROTECTED] wrote: I have a system with a 4.11 Kernel. Unless I'm doing something very wrong, there seems to be something odd with ipfw. Take the following rules: ipfw add 00280 allow tcp from any to any 22 out via bge0 setup keep- state ipfw add 00299 deny log all from any to any out via bge0 ipfw add 0430 allow log tcp from any to me 22 in via bge0 setup limit src-addr 2 ipfw add 00499 deny log all from any to any in via bge0 In theory, this should allow in SSH and nothing else. When I install this firewall configuration, I'm locked out of the box. An inspection of the logs shows that rule 499 is being triggered by an attempted incoming connection. What does ipfw show reveal regarding connection stats? If you're at the console, can you ssh out to some other box? Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]