web service, but ssh commands would work too.
Any suggestions?
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant
have to do this by making a custom php script. I think editing
/cf/conf/config.xml and then /etc/rc.reload_all would be too disruptive.
-Jason
>
> --
> Michael D. Wood
> www.itsecuritypros.org
>
> -Original Message-
> From: list-boun...@lists.pfsense.org
> [m
> -Original Message-
> From: Chris Buechler
> Sent: Saturday, March 30, 2013 0:48
>
> On Fri, Mar 29, 2013 at 3:39 PM, Jason Pyeron
> wrote:
> >
> > That would be verry disruptive, it says: "Resetting the
> state tables
> > will remove all
> -Original Message-
> From: Jason Pyeron
> Sent: Saturday, March 30, 2013 8:36
>
> > -Original Message-
> > From: Chris Buechler
> > Sent: Saturday, March 30, 2013 0:48
> >
> > On Fri, Mar 29, 2013 at 3:39 PM, Jason Pyeron
> > w
Does anyone know why the alias code is hard limited at 4999 aliases?
See firewall_aliases_edit.php:line 251: for($x=0; $x<4999; $x++) {
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pye
-hardwaresoftware-watchdogs/,
where should I go to learn more about setting a watchdog timer up?
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us
?
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100-
- +1 (443) 269-1555 x333Baltimore, Maryland 21218
to examine more closely in wireshark.
As for traffic denied by the firewall have you tried looking at the firewall
logs?
Trevor
On Apr 28, 2013 5:47 AM, "Jason Pyeron" wrote:
I am looking to capture all the packets that are traversing and attempting to
traverse the firewall.
If I u
the em0 pcap data.
_
From: list-boun...@lists.pfsense.org [mailto:list-boun...@lists.pfsense.org] On
Behalf Of Jason Pyeron
Sent: Sunday, April 28, 2013 12:47
To: 'pfSense support and discussion'
Subject: Re: [pfSense] Packet capture
Yes the interface for packet capture is
hshoresoftware.com <http://www.northshoresoftware.com/>
<https://mail.google.com/mail/u/0/?ui=2&ik=3456340655&view=att&th=13ab8f806fccb0
7e&attid=0.2&disp=inline&realattid=f_h8z0yrka2&safe=1&zw&saduie=AG9B_P_0HvEbIe6v
cnhsenP3ZJiz&sadet=1352854635474&sads
456340655&view=att&th=13ab8f806fccb0
7e&attid=0.2&disp=inline&realattid=f_h8z0yrka2&safe=1&zw&saduie=AG9B_P_0HvEbIe6v
cnhsenP3ZJiz&sadet=1352854635474&sads=QIpOFwfaK2xnZX61g1WsD4mNl08>
On Sun, Apr 28, 2013 at 1:21 PM, Jason Pyeron wrote:
Nice.
Standard
query ANY
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100-
- +1 (443) 269-1555 x333
vEbIe6v
cnhsenP3ZJiz&sadet=1352854635474&sads=QIpOFwfaK2xnZX61g1WsD4mNl08>
On Sun, Apr 28, 2013 at 4:16 PM, Jason Pyeron wrote:
Yeah, that is what I quoted. Once you told me about the pflog0 I googled it. It
seems that it is not just a copy of the headers that get sent to that vir
.. Thank You
with google:
http://lmgtfy.com/?q=How+to+Configure+Bandwidth+Management+rules+in+pfSense
Do you have a more specific question?
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron
arp.html#pfsyncop
3:
http://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_(CARP)
4: http://www.seattlecentral.edu/~dmartin/docs/bridge.html
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
> -Original Message-
> From: Chris Buechler
> Sent: Monday, May 13, 2013 2:04
>
> On Sun, May 12, 2013 at 10:25 AM, Jason Pyeron wrote:
> > Is the instructions in #4 the best way to do this, and are there
> > updates (since
> > 2006) I should
://iase.disa.mil/stigs/net_perimeter/network_infra/u_network_firewall_v8r14_
stig_20130426.zip
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal
.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us
<http://www.pdinc.us/> -
- Principal Consultant 10 West 24th Street #100-
- +1 (443) 269-1555 x333Baltimore, Maryland
sense.org
http://lists.pfsense.org/mailman/listinfo/list
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us
<http://www.pdinc.us/> -
- Principal Consu
> would probably be complaints about the noise!!! Those things
> *scream* in the audible sense!!!
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant
?
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100-
- +1 (443) 269-1555 x333Baltimore, Maryland 21218
g it.
I am reading:
https://doc.pfsense.org/index.php/Setup_Snort_Package
This is going to take a few weeks to experiment with.
Thanks.
>
> On Mon, Jun 9, 2014 at 12:16 PM, Jason Pyeron
> wrote:
> > We are trying to enhance our (D)DOS detection and response.
> Can pfSense cre
to be in the same order as 29 minutes,
> which would be
> 1740 seconds.. The closest is tcp.closing which is half that.
>
> _______
> List mailing list
> List@lists.pfsense.org
> https://lists.pfsense.org/mailman/listinfo/list
>
>
>
The only one that took effect was #4.
Any suggestions or questions?
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100-
- +1 (443) 269-1555 x333Baltimore, Maryland
icit concerns (such as
CPU usage, etc.)
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West
ces.
Any suggestions?
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100-
-
> -Original Message-
> From: Brian Caouette
> Sent: Wednesday, October 08, 2014 11:59
>
> On 10/8/2014 11:39 AM, Jason Pyeron wrote:
> > I think I am being hit by the same issue.
> >
> > Here is what I tried:
> >
> > Version: 2.0.2-RELEASE (i
> -Original Message-
> From: List [mailto:list-boun...@lists.pfsense.org] On Behalf
> Of compdoc
> Sent: Wednesday, October 08, 2014 12:46
> To: 'pfSense Support and Discussion Mailing List'
> Subject: Re: [pfSense] a notification is not sent when a
> gatewayis down[https://redmine.pfsen
0:00.02 /bin/tcsh
root 57023 0.0 0.3 3456 1236 0 R+ 11:52AM 0:00.00 ps auxwww
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us
> -Original Message-
> From: Jason Pyeron
> Sent: Thursday, October 09, 2014 12:06
>
> A transparent firewall is showing the same problem as ticket
> 2555, I am unable to diagnose the issues without help.
>
> I have tried rebooting, the problem comes back at
00 20 00 00 40 00 01 02 04 17 00 00 00 00 F.. ..@.
0050 e0 00 00 01 94 04 00 00 11 64 ee 9b 00 00 00 00 .d..
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron
are sent to a external server.
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100-
- +1 (443) 269-1555 x3
ode: sec_error_unknown_issuer)"
>
>
> Any idea how to make this work?
Which browsers is this happening in?
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron
.
Other than changing the default gateway on that host, how can I port forward
SSH to that host?
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http
> -Original Message-
> From: PiBa
> Sent: Sunday, February 22, 2015 12:47
>
> Chris Bagnall schreef op 22-2-2015 om 18:34:
> > On 22/2/15 5:07 pm, Jason Pyeron wrote:
> >> Other than changing the default gateway on that host, how
> can I port
> >
> -Original Message-
> From: j...@use.startmail.com
> Sent: Tuesday, May 03, 2016 1:06 PM
>
> Greetings,
>
> I wonder if it is possible to configure passwordless ssh
> access via ssl keys like done is regular unix via ssh-copy-id command.
Yes.
Googling the correct terminology: pfsense
> -Original Message-
> From: On Behalf Of Jim Thompson
> Sent: Tuesday, October 02, 2012 19:24
> Subject: [pfSense] Turning UDP broadcast into a unicast on another
interface
>
> Without writing a small program? No, I can't think of a way.
Before I go a write such a program, does anyone
> -Original Message-
> From: Chris Buechler
> Sent: Wednesday, June 01, 2016 14:54
>
> On Wed, Jun 1, 2016 at 8:00 AM, Jason Pyeron wrote:
> >> -Original Message-
> >> From: On Behalf Of Jim Thompson
> >> Sent: Tuesday, October 02, 2012
e?
-Jason
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- -
- Jason Pyeron PD Inc. http://www.pdinc.us -
- Principal Consultant 10 West 24th Street #100-
- +1 (443) 269
40 matches
Mail list logo