Eugene M. Minkovskii [EMAIL PROTECTED] writes:
pf@benzedrine.cx is it mail-list or private e-mail. Does I need
to register anywhere before mail to it?
pf@benzedrine.cx is a mailing list, which I think allows posting by
non-subscribers, but obviously you may want to sign up to make sure you
get
Sorry, it's again I.
So, I was trying to modify my OpenBSD pf brandmauer to collect me
information about traffic. Now I has following rules:
pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp, icmp } all keep state
So, where could I put label to mark
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
pass out on $ext_if proto tcp all modulate state flags S/SA
pass out on $ext_if proto { udp, icmp } all keep state
So, where could I put label to mark inbound traffic? This traffic
goes into my machine because I use state table.
I'd say
On Tue, Mar 22, 2005 at 01:18:27PM +0100, Peter N. M. Hansteen wrote:
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
I'd say something along the lines of
allowed_out = { ssh, domain, http, https, etc... }
pass out on $ext_if proto tcp $allowed_out label allowed-out keep state
you
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
Just a moment, does it mean that your last rule allow any
incoming connections from world to clients if thay matched by
client2_inports, ANY, not only connections opened by clients?
That rule would let new connections from anywhere pass on the
In a word, yes. The 'keep state' in these examples, would AFAIK mean
that the counters would keep track of all traffic for a connection, so
traffic initiated from the inside would match the pass out rule's
counters, while connections opened from the outside would count on the
pass in rules.
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
Unfortunely, this mean, that OpenBSD's pf can not measure
traffic, because we can not separate incoming and outgoing
traffic in bidirectional rule. Or we must not use keep state
feature.
I think I understand what you mean - you do not want per
On Tue, Mar 22, 2005 at 02:28:09PM +0100, Peter N. M. Hansteen wrote:
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
Unfortunely, this mean, that OpenBSD's pf can not measure
traffic, because we can not separate incoming and outgoing
traffic in bidirectional rule. Or we must not use keep
Sure you can
check out IP accountingit's a great tool for web
hosters and such, and they have an pf module
http://ipa-system.sourceforge.net/
Jorge Mario Mazo
_
Do You Yahoo!?
Información de Estados Unidos y América Latina, en Yahoo!
On Mon, Mar 21, 2005 at 08:54:35AM +0100, Peter N. M. Hansteen wrote:
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
block in log on $ext_ip inet from any to $ext_ip label $ext_ip
pass in on $ext_ip inet from any to $ext_ip port 22 keep sate
As you can see, ssh packets match to all
Hello!
Does any body know, how can I use OpenBSD's pf (packet filter) for
determine total traffic volume on network interface? If it's
impossible, what facility you recommend me to do this?
--
Sensory yours, Eugene Minkovskii
,
___
Eugene M. Minkovskii wrote:
Hello!
Does any body know, how can I use OpenBSD's pf (packet filter) for
determine total traffic volume on network interface? If it's
impossible, what facility you recommend me to do this?
I don't realy know if it is impossible to use PF for monitoring the
total
Eugene M. Minkovskii pe v ne 20. 03. 2005 v 12:31 +0300:
Hello!
Does any body know, how can I use OpenBSD's pf (packet filter) for
determine total traffic volume on network interface? If it's
impossible, what facility you recommend me to do this?
I don't know much about pf, but I use ipfw
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
Does any body know, how can I use OpenBSD's pf (packet filter) for
determine total traffic volume on network interface? If it's
impossible, what facility you recommend me to do this?
Various pfctl -s options (eg pfctl -s info) give you counters
On Sun, Mar 20, 2005 at 05:51:58PM +0100, Peter N. M. Hansteen wrote:
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
Does any body know, how can I use OpenBSD's pf (packet filter) for
determine total traffic volume on network interface? If it's
impossible, what facility you recommend me
Eugene M. Minkovskii [EMAIL PROTECTED] writes:
block in log on $ext_ip inet from any to $ext_ip label $ext_ip
pass in on $ext_ip inet from any to $ext_ip port 22 keep sate
As you can see, ssh packets match to all rule and pass in because
last rule win. Does it mean, that I can't see
16 matches
Mail list logo
