Just a note -
When starting a new thread or question can you please not reply to an
existing email and modify the subject.
Some of us with threaded mail readers might be ignoring the existing
thread you hijack, and therefore not see your query and not be able to
help you out.
If you need
to 10.0.1.2 port 587. Is this possible?
___
Have you tried toggling the 'Static Route Filtering' option in the
Advanced settings?
--
Best Regards,
Giles Coochey, CCNA Security, CCNA
NetSecSpec Ltd
giles.cooc...@netsecspec.co.uk
Tel: +44 (0) 7983 877 438
Live
Coocheygi...@coochey.net wrote:
Have you tried toggling the 'Static Route Filtering' option in the Advanced
settings?
--
--
Best Regards,
Giles Coochey, CCNA Security, CCNA
NetSecSpec Ltd
giles.cooc...@netsecspec.co.uk
Tel: +44 (0) 7983 877 438
Live Messenger: gi...@coochey.net
http
and Private
interfaces to make sure that the NAT is doing what you expect it to.
Then you can probably work through the problem yourself.
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
it.
To be honest, rather than attempt to block individual types of traffic,
you would be better off by putting in a policy that blocks all traffic
and then allows legitimate traffic.
Squid and Dans Guardian would be good starting points for this.
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44
:
ProxyPass / http://172.16.45.133/
ProxyPassReverse / http://172.16.45.133/
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
links over
Microwaves, our equipment had some basic encryption, not very strong -
about DES standard.
Would need line of sight interception for that.
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
Hi,
Is there a package that would allow me to block Tor exit nodes?
Thanks
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
or accepted prior
to any of routing, NAT etc... and a lot fewer CPU instructions are wasted.
Just a thought?
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic
interfaces
in the filter flow you design.
As far as I remember PF does let you specify INPUT or OUTPUT
interface, but not INPUT and OUTPUT.
That would be some feat indeed... the output interface isn't known until
the packet has been routed.:-)
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec
On 04/07/2012 11:06, Tonix (Antonio Nati) wrote:
Il 04/07/2012 11:44, Ermal Luçi ha scritto:
On Wed, Jul 4, 2012 at 10:44 AM, Tonix (Antonio Nati)
to...@interazioni.it wrote:
Il 02/07/2012 15:51, Jim Pingle ha scritto:
On 7/2/2012 9:38 AM, Tonix (Antonio Nati) wrote:
Too much confusion in
.
This could be a power issue, the soekris boxes are low power and can't
run all the peripherals that match the interface's form factor.
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
).
--
Regards,
Giles Coochey, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
___
List mailing list
List@lists.pfsense.org
http
).
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
___
List mailing list
List@lists.pfsense.org
law etc...
however, that is a valid sub-topic for a discussion list that addresses
devices that are designed and implemented to safe-guard privacy.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http
pfsense, therefore it is
on-topic, I could equally take the stance, take your technical
discussions to the dev list, however I am not the type of exclusive
close-minded minded person that you appear to be. Please stop hijacking
this thread.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
in the no.
On 10/10/2013 12:33, Rüdiger G. Biernat wrote:
This discussion about security/NSA/encryption IS important. Please go on.
Von Samsung Mobile gesendet
Ursprüngliche Nachricht
Von: Giles Coochey
Datum:10.10.2013 11:39 (GMT+01:00)
An: list@lists.pfsense.org
Betreff
Dear Sir,
Through participating on the pfsense support and discussion list,
someone from an IP address under your control has attempted to
unsubscribe me from this list.
I see this as an abuse of the mailing list and hope that you take
appropriate action. The IP that the request came from
, and
live with the possible consequences of the security issues these create.
Either way, not following the rules will create a performance issue,
which you might be able to move around to other systems on the subnet,
but still a performance issue.
--
Regards,
Giles Coochey, CCNP, CCNA
should be done by pfsense.
Thank you for your time and sorry for my bad english
___
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444
interface on pfsense to the physical interface on the
machine hosting the virtual machines.
Both methods can be done, not sure which would be the best, it would
depend on the hypervisor.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http
problems
with third party packages, and would mostly be mitigated by not allowing
the web interface to be accessible from non-trusted networks / IPs.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
settings?
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
___
List
of pfsense, are earlier versions vulnerable?
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
, if you've
managed typos in describing your problem, then you've probably made them
when configuring it!
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S
be
complaints about the noise!!! Those things *scream* in the audible sense!!!
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic
recall I have done that in the past with
the dyndns client (ddclient ) script. If you don't specify a specific
IP, it defaults to the origin source.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7983 877438
http://www.coochey.net
http
to uncheck Block private networks on your WAN
interface.
Lastly, I'm assuming that you have disabled NAT already, and that your
ISP is doing NAT for both your LAN and WAN subnets.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http
___
List mailing list
List@lists.pfsense.org
https://lists.pfsense.org/mailman/listinfo/list
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME
interface? Is that an interface for a subnet that
uses ILO type management cards, or are you trying to use an ILO port on
the firewall as a routed interface (which wouldn't work as the ILO is a
seperate system on the server).
Thanks
Giles
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
, especially if you might want to add later VLANs to the
design...
VLANs complexify your needed configuration, and might be where other
admins could trip up.
Might be good to have a look at your routing table, on the diagnostics
menu in the Web interface.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
you here?
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
___
List mailing
have a
passing relationship with, before it is passed to someone else), would
be pretty bad practice.
The bug itself seems to be a genuine problem, the way the bug is put
forward doesn't do much for motivating its resolution.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0
applications on the client end. PPPoE PPPoA
built on this, I guess, to allow ISPs to continue to use their RADIUS
infrastructure for customers authentication as they moved to broadband /
cable based connections.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0
completely fails within a week or so). I would work to get Physical Disk
#2 replaced - if under warranty you might be able to get a replacement
shipped now, on the basis of the error message.
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http
On 29/01/2015 12:47, Giles Coochey wrote:
I was running pfsense 2.1.5 (i386) on my Soekris 6501-70 with an mSata
disk drive without any problems.
I recently upgraded to pfsense2.2 (i386) and it appears to be crashing
once a day or so.
Now that I've disabled read-only /var /tmp it reports
really be helpful.
I'm using NFSEN http://nfsen.sourceforge.net/
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
and pfsense 2.2 (i386)?
--
Regards,
Giles Coochey, CCNP, CCNA, CCNAS
NetSecSpec Ltd
+44 (0) 8444 780677
+44 (0) 7584 634135
http://www.coochey.net
http://www.netsecspec.co.uk
gi...@coochey.net
smime.p7s
Description: S/MIME Cryptographic Signature
___
pfSense
ast to see if _any_ packets are being
received by the SIP peer...
You need to ensure that you _don't_ have siproxd package installed, as
this can interfere with your non-NAT set up.
Thanks a lot again, regards!!!
2018-01-09 12:17 GMT-03:00 Giles Coochey <gi...@coochey.net>:
On 09/01/201
On 09/01/2018 14:34, Roberto Carna wrote:
Dear, I have an Asterisk PBX in a DMZ behind a pfSense and a remote
peer out of the pfSense. I connect PBX and Peer in order to establish
a SIP trunk.
In the path "PBX -- pfSense -- SIP trunk peer" there is no NAT at all.
So we have generated two
40 matches
Mail list logo
