Hello,
2009/11/30 kal...@muliahost.com
Dear All,
Is it possible to do like my requirement below?
1. Setup portfwd in my server listen on port 555 and forward all
connection through this port to another server with same port or
different
port
2. All client which connected through this
Dear All,
Is it possible to do like my requirement below?
1. Setup portfwd in my server listen on port 555 and forward all
connection through this port to another server with same port or different
port
2. All client which connected through this port, then remote server which
landed to the end
2009/11/30 kal...@muliahost.com
Dear All,
Is it possible to do like my requirement below?
1. Setup portfwd in my server listen on port 555 and forward all
connection through this port to another server with same port or different
port
2. All client which connected through this port, then
On Thu, 4 Dec 2008, Brett Davidson wrote:
Ian Smith wrote:
On Tue, 2 Dec 2008, Brett Davidson wrote:
Ian Smith wrote:
On Mon, 01 Dec 2008 16:52:12 +1300 Brett Davidson [EMAIL PROTECTED]
wrote:
ifconfig shows the alias addresses correctly bound.
Creating an
Found the problem.
Incorrect arp entry.
Thanks for your help.
Cheers,
Brett.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
On Tue, 2 Dec 2008, Brett Davidson wrote:
Ian Smith wrote:
On Mon, 01 Dec 2008 16:52:12 +1300 Brett Davidson [EMAIL PROTECTED]
wrote:
ifconfig shows the alias addresses correctly bound.
Creating an ipfw rule and testing it from the command line works
(connects out from
On Mon, 01 Dec 2008 16:52:12 +1300 Brett Davidson [EMAIL PROTECTED] wrote:
ifconfig shows the alias addresses correctly bound.
Creating an ipfw rule and testing it from the command line works
(connects out from master address, not alias)
From website on alias address, the firewall
Ian Smith wrote:
On Mon, 01 Dec 2008 16:52:12 +1300 Brett Davidson [EMAIL PROTECTED] wrote:
ifconfig shows the alias addresses correctly bound.
Creating an ipfw rule and testing it from the command line works
(connects out from master address, not alias)
From website on alias
ifconfig shows the alias addresses correctly bound.
Creating an ipfw rule and testing it from the command line works
(connects out from master address, not alias)
From website on alias address, the firewall blocks the packets.
The weird thing is that it tags them (in the security log) as
addresses for a mac address?
2- I want to allow these fixed mac addresses using ipfw. After that
I want to deny all mac address via the server's local ethernet card.
How can I do these cases?
I haven't used ipfw for mac level filtering before, but it looks like
the syntax
I use ipfw on freebsd7.
I have two questions
1- I want to fix an ip address for each mac address. But some pc and servers
have more than an ip address. How can I map multiple ip addresses for a mac
address?
2- I want to allow these fixed mac addresses using ipfw. After that I want to
deny all
to allow these fixed mac addresses using ipfw. After that
I want to deny all mac address via the server's local ethernet
card. How can I do these cases?
Few choose to go that route, but you can disable ARP and set up /etc/
ethers, or you could even fire up your favorite firewall (IPFW, PF
[ ...please don't top-post... ]
On Jun 24, 2008, at 11:42 AM, Yavuz Maslak wrote:
But I should have asked different my first question.
I have meant that how can I restrict to use an ip address which I
already
assigned to a computer, anyone can use at his pc?
There is nothing which can
. But some pc and
servers have more than an ip address. How can I map multiple ip
addresses for a mac address?
Most people use ifconfig, perhaps indirectly via /etc/rc.conf.
2- I want to allow these fixed mac addresses using ipfw. After that
I want to deny all mac address via the server's local
Yavuz Maslak wrote:
I use ipfw on freebsd7.
I have two questions
1- I want to fix an ip address for each mac address. But some pc and servers
have more than an ip address. How can I map multiple ip addresses for a mac
address?
2- I want to allow these fixed mac addresses using ipfw. After
Is there a way to limit the number of TCP connections from a
particular IP at a given time using ipfw? We are running Cyrus IMAP on
FreeBSD 6.2, and are sometimes subject to POP3 brute force login
attacks. I'm not sure if it's Cyrus or the SASL SQL plugin, but these
attacks grind the server
On Wed, Feb 13, 2008 at 09:23:31AM -0800, patrick wrote:
Is there a way to limit the number of TCP connections from a
particular IP at a given time using ipfw? We are running Cyrus IMAP on
FreeBSD 6.2, and are sometimes subject to POP3 brute force login
attacks. I'm not sure if it's Cyrus
Perfect, thanks!
On Feb 13, 2008 10:14 AM, Christopher Cowart
[EMAIL PROTECTED] wrote:
On Wed, Feb 13, 2008 at 09:23:31AM -0800, patrick wrote:
Is there a way to limit the number of TCP connections from a
particular IP at a given time using ipfw? We are running Cyrus IMAP on
FreeBSD 6.2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 25 Jan 2007 08:22:17 -0600
Kevin Kinsey [EMAIL PROTECTED] wrote:
Tek Bahadur Limbu wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear All,
I need some help regarding using IPFW to block specific MAC
addresses. How
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear All,
I need some help regarding using IPFW to block specific MAC addresses.
How do I block incoming traffic by a MAC address instead of an IP
address.
Can this be done using IPFW? Since I am quite new to FreeBSD, can
somebody shed some light
Tek Bahadur Limbu wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear All,
I need some help regarding using IPFW to block specific MAC addresses.
How do I block incoming traffic by a MAC address instead of an IP
address.
Can this be done using IPFW? Since I am quite new to FreeBSD, can
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear All,
I run a transparent squid proxy using IPFW below:
ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via bge0
Now I want the IP: 192.168.55.22 to bypass Squid when requesting
www.hotmail.com.
How do I go about doing this using
Tek Bahadur Limbu wrote:
I run a transparent squid proxy using IPFW below:
ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via bge0
That's not the rule for transparent proxying. For that you
need a forward (or fwd) rule, not an allow rule.
(Of course, the allow rule above
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 9 Jan 2007 15:28:44 +0100 (CET)
Oliver Fromme [EMAIL PROTECTED] wrote:
Tek Bahadur Limbu wrote:
I run a transparent squid proxy using IPFW below:
ipfw -q add allow tcp from 192.168.55.0/24 to any 3128 in via
bge0
That's
Hi,
I have a pretty complicated setup currently and am trying to figure out
exactly how to implement it. I'm pretty unfamiliar with freebsd, the
last incarnation I used was 4.3 and I only used it for a few months
before moving to linux.
I have a VPN setup for an IP range
Hi Guys,
I have an IPFW question that I'm a bit stuck on and
could do with some help. Basically what I'm trying to do is count and
limit the number of e-mails each user on the system is allowed to send.
I've got this working fine within the e-mail server and everything's
dandy, except for the
Kieran Simkin wrote:
I have an IPFW question that I'm a bit stuck on and
could do with some help. Basically what I'm trying to do is count and
limit the number of e-mails each user on the system is allowed to send.
I've got this working fine within the e-mail server and everything's
dandy,
On 2/9/06, Chris [EMAIL PROTECTED] wrote:
On 07/02/06, David Scheidt [EMAIL PROTECTED] wrote:
On Tue, Feb 07, 2006 at 12:40:22AM +0200, Atis wrote:
On Sun, 5 Feb 2006 18:55:13 -0500
David Scheidt [EMAIL PROTECTED] wrote:
Nonsense. There may be some people that only scan
On 07/02/06, David Scheidt [EMAIL PROTECTED] wrote:
On Tue, Feb 07, 2006 at 12:40:22AM +0200, Atis wrote:
On Sun, 5 Feb 2006 18:55:13 -0500
David Scheidt [EMAIL PROTECTED] wrote:
Nonsense. There may be some people that only scan well-known ports,
but it's much more common to scan
On Sun, 5 Feb 2006 18:55:13 -0500
David Scheidt [EMAIL PROTECTED] wrote:
Nonsense. There may be some people that only scan well-known ports,
but it's much more common to scan every port on a machine. If you're
running a server on a non-standard port, an attacker will find it.
sure, but
On Tue, Feb 07, 2006 at 12:40:22AM +0200, Atis wrote:
On Sun, 5 Feb 2006 18:55:13 -0500
David Scheidt [EMAIL PROTECTED] wrote:
Nonsense. There may be some people that only scan well-known ports,
but it's much more common to scan every port on a machine. If you're
running a server on
Hello,
I was wondering if there's some sort of port available that can actively
ban IPs that try and bruteforce a service such as SSH or Telnet, by
scanning the /var/log/auth.log log for Regex such as Illegal User or
LOGIN FAILURES, and then using IPFW to essentially deny (ban) that IP
I was wondering if there's some sort of port available that can actively ban
IPs that try and bruteforce a service such as SSH or Telnet, by scanning the
/var/log/auth.log log for Regex such as Illegal User or LOGIN FAILURES,
and then using IPFW to essentially deny (ban) that IP for a certain
choose to do.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Michael A.
Alestock
Sent: Sunday, February 05, 2006 10:42 AM
To: [EMAIL PROTECTED]
Subject: IP Banning (Using IPFW)
Importance: High
Hello,
I was wondering if there's some sort of port available
numbers to your services.
Security through obscurity is a bad place to start.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Michael A.
Alestock
Sent: Sunday, February 05, 2006 10:42 AM
To: [EMAIL PROTECTED]
Subject: IP Banning (Using IPFW)
Importance: High
be meaningless.
Please check your facts before commenting.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Daniel A.
Sent: Sunday, February 05, 2006 4:58 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; Michael A. Alestock
Subject: Re: IP Banning (Using IPFW
: IP Banning (Using IPFW)
On 2/5/06, fbsd_user [EMAIL PROTECTED] wrote:
I find this kind of approach is treating the symptom and not the
cause.
The basic problem is the services have well published port numbers
and attackers beat on those known port numbers. A much simpler
approach
On Sun, Feb 05, 2006 at 05:38:11PM -0500, fbsd_user wrote:
You missed to whole meaning.
Attackers only scan for the published service port numbers,
that is what is meant by portscan the box.
Those high order port numbers are dynamically
used during normal session conversation.
So any
Hi all!
sorry for my english...
Please tell me, how to set disable of many streams download
(using Flashget or Reget) via my FreeBSD-4.7.1 router using firewall.
My `pipe' settings are ineffective where whit this programs.
Best regards
stepan
mailto:[EMAIL
On Fri, 24 Sep 2004 10:00:32 +0600
stepan [EMAIL PROTECTED] wrote:
Hi all!
sorry for my english...
Please tell me, how to set disable of many streams download
(using Flashget or Reget) via my FreeBSD-4.7.1 router using firewall.
My `pipe' settings are ineffective where whit this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
J. Seth Henry wrote:
| Hello,
| I have an existing FreeBSD based router/internet gateway system that
is using
| ipfilter ipnat. It performs quite well, and my wife would be mightily
| irritated if I screwed it up. :)
|
Hello,
I have an existing FreeBSD based router/internet gateway system that is using
ipfilter ipnat. It performs quite well, and my wife would be mightily
irritated if I screwed it up. :)
However, we have VoIP through Vonage, and a standard Comcast cable modem
connection to the Internet. Most
dear all,
i have network like this
lanX.com -
|
lanA.com IPFW FBSD lanB.com === to Internet
| |
lanC.com ---| |--- lanD.com
right now,... lanA.com , lanC.com, lanD.com have
smtpoutgoing to internet via lanB.com
the problem is ..
Dear Ladies and Gentlemen,
I am writing to request for advise/recommendations on the subject. I've
been tasked to build a router/firewall based on FreeBSD. I'd like to use
5.2-RELEASE.
Now my only problem is that I have played a little with ipfw in a
situation where I have just two interfaces, 1
I am writing to request for advise/recommendations on the
subject. I've
been tasked to build a router/firewall based on FreeBSD. I'd
like to use
5.2-RELEASE.
Now my only problem is that I have played a little with ipfw in a
situation where I have just two interfaces, 1 external and 1
On Tue, Mar 30, 2004 at 11:06:16AM +0300, Odhiambo Washington wrote:
Now my only problem is that I have played a little with ipfw in a
situation where I have just two interfaces, 1 external and 1 internal.
My current requirement however involves one external interface and
four (or more)
Newbie here so pls excuse if this question sounds trivial
i use a single bsd router to service 2 properties. I want ppl on prop A to get
1.024kbit/s and the ones on prop B to get 256kbit/sprop B is connected on the same
network as prop A using a wireless device that has the an IP within
Karan Gupta wrote:
Newbie here so pls excuse if this question sounds trivial
i use a single bsd router to service 2 properties. I want ppl on prop A to get 1.024kbit/s and the ones on prop B to get 256kbit/sprop B is connected on the same network as prop A using a wireless device that
Karan Gupta wrote:
Newbie here so pls excuse if this question sounds trivial
Here's a bunch of links posted to questions a little while ago
for ipfw help:
http://freebsd.amazingdev.com/blog/archives/000112.html
--
Jonathan Arnold (mailto:[EMAIL PROTECTED])
Daemon Dancing in the Dark, a
selected the following ( FreeBSD 5.2R ):
It looks fine
Seeing as though I'm not using ipfw filtering I thought I could just
allow everything through by default. Will dummynet still work if
IPFIREWALL_DEFAULT_TO_ACCEPT is set ?
Yes, it will.
Fer
IPFIREWALL #firewall
options IPFIREWALL_DEFAULT_TO_ACCEPT#allow everything by default
options DUMMYNET#bandwidth limiter
options IPSTEALTH #support for stealth forwarding
Seeing as though I'm not using ipfw filtering I thought I
51 matches
Mail list logo