Til: FreeBSD Questions; FreeBSD Current; FreeBSD doc
Emne: Re: pf firewall and ftp
Fbsd8 wrote:
Running 9.0 as a gateway host with pf firewall enabled.
FTP is launched by inetd.
Both active and passive ftp works from lan pc's to the host ftp.
The lan ftp session can be initiated from the host
-questi...@freebsd.org] På vegne af Fbsd8
Sendt: den 16 april 2012 04:31
Til: FreeBSD Questions; FreeBSD Current; FreeBSD doc
Emne: Re: pf firewall and ftp
Fbsd8 wrote:
Running 9.0 as a gateway host with pf firewall enabled.
FTP is launched by inetd.
Both active and passive ftp works from lan
There's also web available manuals for probably every release of OpenBSD here:
http://www.openbsd.org/cgi-bin/man.cgi
http://www.openbsd.org/cgi-bin/man.cgi?query=pf.confmanpath=OpenBSD+4.5
___
freebsd-questions@freebsd.org mailing list
Running 9.0 as a gateway host with pf firewall enabled.
FTP is launched by inetd.
Both active and passive ftp works from lan pc's to the host ftp.
The lan ftp session can be initiated from the host or any lan pc and
things work because there are no rules on the lan interface except
single pass
Fbsd8 wrote:
Running 9.0 as a gateway host with pf firewall enabled.
FTP is launched by inetd.
Both active and passive ftp works from lan pc's to the host ftp.
The lan ftp session can be initiated from the host or any lan pc and
things work because there are no rules on the lan interface except
Mike Tancsa wrote:
On 4/11/2012 8:34 PM, Fbsd8 wrote:
In the pf log I see the rule number of the rule used to create the log
file entry. pfctl -sr command does not list the rule number of each rule
it lists.
Hi,
Try pfctl -sr -vv
---Mike
Thanks the -vv printed the rule number
In the pf log I see the rule number of the rule used to create the log
file entry. pfctl -sr command does not list the rule number of each rule
it lists.
So my question is how do I relate the rule number shown in the log
listing back to the text rule file rules?
On 4/11/2012 8:34 PM, Fbsd8 wrote:
In the pf log I see the rule number of the rule used to create the log
file entry. pfctl -sr command does not list the rule number of each rule
it lists.
Hi,
Try pfctl -sr -vv
---Mike
--
---
Mike Tancsa, tel +1 519 651 3400
Sentex
On 02/01/11 00:40, Kevin Wilcox wrote:
On Mon, Jan 31, 2011 at 05:58, Da Rock
freebsd-questi...@herveybayaustralia.com.au wrote:
Yes. Me unfortunately, but I did manage to pick it up quite quickly though.
I had a little thief attack one of my ports and attempt login on the
firewall. I had
Le Sat, 29 Jan 2011 12:39:18 +1000,
Da Rock freebsd-questi...@herveybayaustralia.com.au a écrit :
I spent some time playing with pf and pf.conf, and followed the
directions in the handbook. It redirected me to the openbsd site for
pf.conf, and recommended it as the most comprehensive
On 01/31/11 20:30, Patrick Lamaiziere wrote:
Le Sat, 29 Jan 2011 12:39:18 +1000,
Da Rockfreebsd-questi...@herveybayaustralia.com.au a écrit :
I spent some time playing with pf and pf.conf, and followed the
directions in the handbook. It redirected me to the openbsd site for
pf.conf, and
On Mon, Jan 31, 2011 at 05:58, Da Rock
freebsd-questi...@herveybayaustralia.com.au wrote:
Yes. Me unfortunately, but I did manage to pick it up quite quickly though.
I had a little thief attack one of my ports and attempt login on the
firewall. I had to change it to 'block in $log on $ext_if
On 01/29/11 23:50, Iñigo Ortiz de Urbina wrote:
I think that kind of user should never be in charge of anything security related
Reading my own post I realise I forgot my question due to kiddie issues
that were occuring in my vicinity. That is, how would one go about this?
As for user
I spent some time playing with pf and pf.conf, and followed the
directions in the handbook. It redirected me to the openbsd site for
pf.conf, and recommended it as the most comprehensive documentation for pf.
Firstly, I didn't find that. I had to translate the instructions into
the current
Howdy folks. I have several computers behind a FreeBSD router (NAT
192.168.0.x using OpenBSD's PF) . One of those computers is a Windows
machine which is using software called Cisco Systems VPN Client to connect
to some other computers outside of our internal network. Our connection to
the
Wojciech Puchar [EMAIL PROTECTED] wrote: Memory: 4GB 667MHz (4x1GB), Dual
Ranked DIMMs
incredibly important for firewall to have 4GB RAM. why not 64GB or more?
;)
___
freebsd-questions@freebsd.org mailing list
ajtiM wrote:
Hi!
I am a new FreeBSD 7.0 beta3 user and I have standalone computer connected to
the internet (cable). I use both, console and KDE desktop. I tried to setup
PF firewall for the standalone computer but I have a problem with internal
messages (mail) which are blocked
ajtiM wrote:
Hi!
I am a new FreeBSD 7.0 beta3 user and I have standalone computer connected to
the internet (cable). I use both, console and KDE desktop. I tried to setup
PF firewall for the standalone computer but I have a problem with internal
messages (mail) which are blocked if firewall
On Fri, Dec 07, 2007 at 06:20:37AM -0600, ajtiM wrote:
Hi!
I am a new FreeBSD 7.0 beta3 user and I have standalone computer connected to
the internet (cable). I use both, console and KDE desktop. I tried to setup
PF firewall for the standalone computer but I have a problem with internal
Hi!
I am a new FreeBSD 7.0 beta3 user and I have standalone computer connected to
the internet (cable). I use both, console and KDE desktop. I tried to setup
PF firewall for the standalone computer but I have a problem with internal
messages (mail) which are blocked if firewall running
Hello,
My question is related to PF performances with large state tables.
FreeBSD : 5.5
hw.model: Intel(R) Xeon(TM) CPU 3.20GHz
hw.physmem: 2138378240 = 2 Gb
If I put a mail server
20 SMTP hits per second (thanks to spam...)
15 seconds per SMTP dialog
90 seconds for PF
On 2/26/07, Jacques Beigbeder [EMAIL PROTECTED] wrote:
Hello,
My question is related to PF performances with large state tables.
FreeBSD : 5.5
hw.model: Intel(R) Xeon(TM) CPU 3.20GHz
hw.physmem: 2138378240 = 2 Gb
If I put a mail server
20 SMTP hits per second (thanks to spam...)
Jonathan Horne [EMAIL PROTECTED] writes:
ive been googling for a while now this evening, but have
unsuccesfully found any examples on how to firewall a server. i do
*not* want to build a router, and unfortunatly, every article i seem
to find wants to tell me how to build a router!
The same
On Wednesday 26 July 2006 02:30, Jonathan Horne wrote:
ive been googling for a while now this evening, but have unsuccesfully
found any examples on how to firewall a server. i do *not* want to build a
router, and unfortunatly, every article i seem to find wants to tell me how
to build a
Hello all,
Is PF installed with the base system in FreeBSD 6.1? I see that there
is IPF, is it the same thing? I didn't find PF in the ports tree, so
thats why i'm asking.
Thanks!
___
freebsd-questions@freebsd.org mailing list
On 2006-07-25 18:53, Ivan Levchenko [EMAIL PROTECTED] wrote:
Hello all,
Is PF installed with the base system in FreeBSD 6.1? I see that there
is IPF, is it the same thing? I didn't find PF in the ports tree, so
thats why i'm asking.
Yes, PF is part of the base system in recent FreeBSD
@freebsd.org
Subject: OpenBSD PF firewall in Freebsd
Hello all,
Is PF installed with the base system in FreeBSD 6.1? I see that
there
is IPF, is it the same thing? I didn't find PF in the ports tree, so
thats why i'm asking.
Thanks!
___
freebsd-questions
PROTECTED] Behalf Of Ivan
Levchenko
Sent: Tuesday, July 25, 2006 11:53 AM
To: freebsd-questions@freebsd.org
Subject: OpenBSD PF firewall in Freebsd
Hello all,
Is PF installed with the base system in FreeBSD 6.1? I see that
there
is IPF, is it the same thing? I didn't find PF in the ports tree, so
ive been googling for a while now this evening, but have unsuccesfully found
any examples on how to firewall a server. i do *not* want to build a router,
and unfortunatly, every article i seem to find wants to tell me how to build
a router!
i just want to learn how to build a simple pf config
why don't you try reading the firewall section of the handbook.
it has working example rule set you can copy
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jonathan
Horne
Sent: Tuesday, July 25, 2006 9:31 PM
To: freebsd-questions@freebsd.org
Subject: pf
On Tue, Jul 25, 2006 at 08:30:46PM -0500, Jonathan Horne wrote:
ive been googling for a while now this evening, but have unsuccesfully found
any examples on how to firewall a server. i do *not* want to build a router,
and unfortunatly, every article i seem to find wants to tell me how to
Iantcho Vassilev [EMAIL PROTECTED] writes:
kern.ipc.somaxconn is for handling more incoming connections,right?
Well, kind of. It's a systemwide limit on the maximum number of
connections that a given socket can accept.
but
On 5/31/06, Lowell Gilbert [EMAIL PROTECTED] wrote:
Iantcho Vassilev [EMAIL PROTECTED] writes:
kern.ipc.somaxconn is for handling more incoming connections,right?
Well, kind of. It's a systemwide limit on the maximum number of
connections that a given socket can accept.
kern.ipc.somaxconn is for handling more incoming connections,right? but does
firewall connections are considered incoming?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send
On Wed, Aug 03, 2005 at 05:06:37PM -0500, [EMAIL PROTECTED] wrote:
I would appreciate any suggestions for a reasonably secure solution. I
just found all this out and am totally blank.
Have a look at OpenVPN (http://www.openvpn.org/), it is available as a
FreeBSD port and it comes with a
Quoting Martin Welk [EMAIL PROTECTED]:
On Wed, Aug 03, 2005 at 05:06:37PM -0500, [EMAIL PROTECTED] wrote:
I would appreciate any suggestions for a reasonably secure solution. I
just found all this out and am totally blank.
Have a look at OpenVPN (http://www.openvpn.org/), it is available
has a simple pf firewall with only a
few ports open and opening ports isn't a problem. The application is a
terminal session. Thirty users login in to it as root all with windows
terminal sessions except for the modem connections and to make it more
fun I shouldn't modify the SCO box because
Quoting Gayn Winters [EMAIL PROTECTED]:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, August 03, 2005 3:07 PM
To: freebsd-questions@freebsd.org
Subject: A secure connection to an SCO Unix 5.2 behind a pf firewall
buffer write
cycle time.
How do tell PF in rc.conf these over ride options??
-Original Message-
From: Hornet [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 07, 2005 8:54 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED] ORG
Subject: Re: PF firewall log problems
On 7/7/05
On 2005-07-06 21:34, fbsd_user [EMAIL PROTECTED] wrote:
Does the OpenBSD Packet Filter firewall have stateless rules?
Yes.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send
How can I change the default wait time for PF buffer writes to the log file?
The log records are being held in the buffers for a long time before being
written out.
I want to change this to a shorter time.
Are there any tools or ports for use on the PF log file to create better
standardized
On 7/7/05, fbsd_user [EMAIL PROTECTED] wrote:
How can I change the default wait time for PF buffer writes to the log file?
The log records are being held in the buffers for a long time before being
written out.
I want to change this to a shorter time.
How are you viewing the data?
Realtime
these over ride options??
-Original Message-
From: Hornet [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 07, 2005 8:54 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED] ORG
Subject: Re: PF firewall log problems
On 7/7/05, fbsd_user [EMAIL PROTECTED] wrote:
How can I change the default wait time
Does the OpenBSD Packet Filter firewall have stateless rules?
Meaning, if I coded a rule to pass in for port 23 without any of the
different state options coded,
do I also have to code the same kind of rule to allow that port 23 packet
back out like in IPFW.
Or is there no stateless rules in PF?
I am running 5.4 using the run time loadable module for PF firewall.
The PF rules load and work fine.
The main rule set contains 2 anchor rules.
I can add rules to the in core anchor name and then list the anchor
and see the rules are really there.
Problem is the anchor rules are never being
I am running 5.4 using the run time loadable module for PF firewall.
The PF rules load and work fine.
The main rule set contains 2 anchor rules.
I can add rules to the in core anchor name and then list the anchor
and see the rules are really there.
Problem is the anchor rules are never being
46 matches
Mail list logo
