Hi!
On 5.2-stable, I'm trying to setup the stock ftpd(8) on a machine where
the incoming traffic is not allowed arbitrarily above
net.inet.ip.porthifirst, and the clients wish to use passive mode data
connections.
I thought I could use ftp-proxy(8) to append a pass in rule to the
ftp-proxy anchor
The very, very first rule in my pf ruleset is part of a fairly vanilla
anti-spoof/sanity check set, intended to catch incoming bogon/martian
packets:
table unroutable_ips const { 10.0.0.0/8, 172.16.0.0/12,
192.168.0.0/16, !$int_net, !$wls_net, !$ptr_net, 169.254.0.0/16,
127.0.0.0/8,
Hi
I'm looking into replacing some older OpenBSD boxes (running BGPD/OSPFD
and do routing, no active pf) with some new hardware. Of course I'd like
to replace them with something fast.
Currently there is only moderate load ~200mbps / 200-300kpps. But a
little room to grow wont hurt. I guess
On Tue, Mar 26, 2013 at 05:46:12PM -0300, Hugo Osvaldo Barrera wrote:
On 2013-03-20 20:37, Hugo Osvaldo Barrera wrote:
I've been having a very annoying issue with an 82574L for a pretty long
time now.
After the PC is turned off (either properly or due to a power failure),
the NIC does
On Wed, Mar 27, 2013 at 07:49:27PM +0100, Andre Keller wrote:
Hi
I'm looking into replacing some older OpenBSD boxes (running BGPD/OSPFD
and do routing, no active pf) with some new hardware. Of course I'd like
to replace them with something fast.
Currently there is only moderate load
On 2013-03-27, Andre Keller a...@list.ak.cx wrote:
Hi
I'm looking into replacing some older OpenBSD boxes (running BGPD/OSPFD
and do routing, no active pf) with some new hardware. Of course I'd like
to replace them with something fast.
Currently there is only moderate load ~200mbps /
Thanks to Jan for pointing out I neglected to include the macro defs
for the nets (though they're vanilla and what you'd expect). Here's
the full source for the first rule, the one I think should catch the
bogon packets but doesn't:
int_net = 192.168.5.128/25
wls_net = 192.168.10.128/25
ptr_net
On 27 Mar 2013 at 16:01, David Ruggiero wrote:
Thanks to Jan for pointing out I neglected to include the macro defs
for the nets (though they're vanilla and what you'd expect). Here's
the full source for the first rule, the one I think should catch the
bogon packets but doesn't:
int_net =
Thanks! No, it didn't occur to me, so very appreciated. I didn't
remember that you could do that form of the table command to show
explicit members in a list, so that's also really helpful.
FWIW, though..I would not have expected that pf would silently
drop - without any warning message or
9 matches
Mail list logo
