This makes no difference.
Op 13-04-2024 om 22:06 schreef Peter J. Philipp:
On Sat, Apr 13, 2024 at 09:32:48PM +0200, Karel Lucas wrote:
What should I add then, considering my PF ruleset? To be honest, all of this
is very unclear to me at the moment, so any help is appreciated.
How about:
What should I add to get it working?
Op 13-04-2024 om 02:39 schreef Alexis:
Karel Lucas writes:
Ping only works partially. For example, this works: ping -c 10
195.121.1.34. But this doesn't work: ping -c 10 www.apple.com. I
suspect this has to do with DNS servers, but I don't know where to
On Sat, Apr 13, 2024 at 09:32:48PM +0200, Karel Lucas wrote:
> What should I add then, considering my PF ruleset? To be honest, all of this
> is very unclear to me at the moment, so any help is appreciated.
How about:
pass out inet proto { tcp, udp } from any to any port { 53, 853 } keep state
What should I add then, considering my PF ruleset? To be honest, all of
this is very unclear to me at the moment, so any help is appreciated.
Op 13-04-2024 om 02:39 schreef Alexis:
Karel Lucas writes:
Ping only works partially. For example, this works: ping -c 10
195.121.1.34. But this
On Sat, Apr 13, 2024 at 06:18:46AM +0200, Janne Johansson wrote:
> Den fre 12 apr. 2024 kl 19:41 skrev Karel Lucas :
> >
> > Hi all,
> >
> > Ping only works partially. For example, this works: ping -c 10
> > 195.121.1.34. But this doesn't work: ping -c 10 www.apple.com. I suspect
> > this has to
Den fre 12 apr. 2024 kl 19:41 skrev Karel Lucas :
>
> Hi all,
>
> Ping only works partially. For example, this works: ping -c 10
> 195.121.1.34. But this doesn't work: ping -c 10 www.apple.com. I suspect
> this has to do with DNS servers, but I don't know where to start
> troubleshooting. Can
Karel Lucas writes:
Ping only works partially. For example, this works: ping -c 10
195.121.1.34. But this doesn't work: ping -c 10 www.apple.com. I
suspect this has to do with DNS servers, but I don't know where
to start troubleshooting.
Indeed, you appear to have no rules allowing
Hi all,
Ping only works partially. For example, this works: ping -c 10
195.121.1.34. But this doesn't work: ping -c 10 www.apple.com. I suspect
this has to do with DNS servers, but I don't know where to start
troubleshooting. Can someone help me?
/etc/pf.conf:
ext_if = igc0
On Wed, Apr 10, 2024 at 11:01:18PM +0200, Peter N. M. Hansteen wrote:
> Another gentle introduction can be found in the latest PF tutorial,
> the slides for the AsiaBSDCon 2024 version can be found as
> https://nxdomain.no/~peter/pf_asiabsdcon2024.pdf which in turn has
> references to various
On Wed, Apr 10, 2024 at 04:41:58PM -0400, Steve Litt wrote:
> I found out where to buy your book, and will buy it once I have the
> "for dummies" level of knowledge. In the meantime, what other PF
> references do you recommend? I know just enough PF to be dangerous, but
> want to make my own
Still dont know whats happening because we dont know what those line errors
mean.
When you changed the macros to tables, did you also update the rules to to
match?
On April 9, 2024 9:32:06 AM UTC, Karel Lucas wrote:
>I moved the lines with the martians between the 'block log all' line and the
The errors were caused by the word 'log' in lines where it apparently
did not belong. Those errors have now been resolved. In Peter Hansteen's
book, the rules are clearly stated on page 91, and there is no 'match'
in them.
Op 09-04-2024 om 17:12 schreef l...@trungnguyen.me:
Still dont know
In /etc/pf.conf:
table persist file "/etc/martians"
In /etc/martians:
127.0.0.0/8
192.168.0.0/16
172.16.0.0/12
10.0.0.0/8
169.254.0.0/16
192.0.2.0/24
0.0.0.0/8
240.0.0.0/4
Op 09-04-2024 om 16:06 schreef Peter N. M. Hansteen:
On Tue, Apr 09, 2024 at 10:52:45AM +0200, Karel Lucas wrote:
I
The example I'm referring to is how to define a table (page 42), and I
applied that to the martians example (page 91).
Op 09-04-2024 om 16:06 schreef Peter N. M. Hansteen:
On Tue, Apr 09, 2024 at 10:52:45AM +0200, Karel Lucas wrote:
I defined the table as stated in your book (3rd edition,
On Apr 09 08:39, Karel Lucas wrote:
> For the first time I tested my new firewall with ping, and it is blocked. I
> don't know what the reason is, you can find the information below. I have a
> network with only regular clients, so no servers. I'm still using OpenBSD
> V7.4, and will upgrade once
On Tue, Apr 09, 2024 at 10:52:45AM +0200, Karel Lucas wrote:
> I defined the table as stated in your book (3rd edition, page 42). However,
> that gives an error message. In the lines with that table: macro 'martians'
> not defined. Moreover, I now also have a Syntax error in lines 38, 39 and
> 46,
I can assure you that I did not use capital letters in the macro names,
and used the '<' and '>'.
Op 09-04-2024 om 11:58 schreef Peter N. M. Hansteen:
On Tue, Apr 09, 2024 at 10:52:45AM +0200, Karel Lucas wrote:
I defined the table as stated in your book (3rd edition, page 42). However,
that
I managed to get ping through. The error was the "log" words in the
lines. But this is just the beginning. Now I have another problem with
traceroute, as well as with all the normal internet traffic that has to
go through it. In the traceroute rules I replaced "$ext_if" with
"egress", but that
On Tue, Apr 09, 2024 at 10:52:45AM +0200, Karel Lucas wrote:
> I defined the table as stated in your book (3rd edition, page 42). However,
> that gives an error message. In the lines with that table: macro 'martians'
> not defined. Moreover, I now also have a Syntax error in lines 38, 39 and
> 46,
I moved the lines with the martians between the 'block log all' line and
the ping lines. Furthermore, I changed the macro 'martians' to a table:
table persist file "etc/martians".
Messages during booting:
/etc/pf.conf:29: syntax error
/etc/pf.conf:29: macro 'martians' not defined
On Tue, Apr 09, 2024 at 10:52:45AM +0200, Karel Lucas wrote:
> I defined the table as stated in your book (3rd edition, page 42). However,
> that gives an error message. In the lines with that table: macro 'martians'
> not defined. Moreover, I now also have a Syntax error in lines 38, 39 and
>
I defined the table as stated in your book (3rd edition, page 42).
However, that gives an error message. In the lines with that table:
macro 'martians' not defined. Moreover, I now also have a Syntax error
in lines 38, 39 and 46, causing the pf lines not to be loaded.
Op 09-04-2024 om 08:53
On Tue, Apr 09, 2024 at 08:39:08AM +0200, Karel Lucas wrote:
> Hi all,
>
> For the first time I tested my new firewall with ping, and it is blocked. I
> don't know what the reason is, you can find the information below. I have a
> network with only regular clients, so no servers. I'm still using
On Tue, Apr 09, 2024 at 08:39:08AM +0200, Karel Lucas wrote:
> Hi all,
>
> For the first time I tested my new firewall with ping, and it is blocked. I
> don't know what the reason is, you can find the information below. I have a
> network with only regular clients, so no servers. I'm still using
Hi all,
For the first time I tested my new firewall with ping, and it is
blocked. I don't know what the reason is, you can find the information
below. I have a network with only regular clients, so no servers. I'm
still using OpenBSD V7.4, and will upgrade once the firewall is up and
running
25 matches
Mail list logo
