Hi misc,
I have 2 OpenBSD 5.1 64bit boxes. I want to setup relayd for lan servers
with carp and pfsync for LAN USERS.
What I want to achieve is that LAN USERS connect to carp1 ip address ( lan
shared ip - 192.168.0.100 ). then, relayd will redirect that traffic to 2
lan servers running
carlopm...@gmail.com (C. L. Martinez), 2012.08.15 (Wed) 20:20 (CEST):
On Tue, Aug 14, 2012 at 10:00 AM, C. L. Martinez carlopm...@gmail.com
wrote:
Hi all,
I have some rules that I would like to redirect in syslog format to a
log file. I don't need to touch /var/log/pflog. To accomplish
Hi!
I'm using 5.1-stable on two machines with pppoe connections. The pf
synproxy state option doesn't work on pppoe interfaces, it just sends
back a TCP reset when trying to connect to a port configured with
synproxy state.
Meanwhile it works on any other interface (eg. the internal LAN
On cs, aug 16, 2012 at 12:19:06 +0200, LEVAI Daniel wrote:
[...]
Forgot the dmesg. If it matters.
OpenBSD 5.1-stable (GENERIC) #0: Tue Aug 7 02:00:34 CEST 2012
root@.:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.40GHz (GenuineIntel 686-class) 2.42 GHz
cpu0:
Hi ALL,
I myself got it working after changing pf.conf file and relayd.conf files
here are the new working ones
*
in /etc/pf.conf file* *( on both nodes - fw1 and fw2 )*
# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.50 2011/04/28 00:19:42 mikeb Exp $
#
# See pf.conf(5) for syntax and
Any help would be appreciated.
Works for me on 5.1
I don't think it's the rule but the combination of rules. Try reordering
your ruleset. I've had a problem before but I forget or never found the
specific reason.
--
___
On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
Any help would be appreciated.
Works for me on 5.1
I don't think it's the rule but the combination of rules. Try reordering
your ruleset. I've had a problem before but I forget or never found the
specific reason.
Okay, okay,
Serwus
W czwartek, 16 sie 2012 o 16:18 CEST
Indunil Jayasooriya induni...@gmail.com napisał(a):
I myself got it working after changing pf.conf file and relayd.conf files
You've changed redirect to relay in relayd.conf. I suppose this is the
real solution (it changes the way how relayd handle
On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
Any help would be appreciated.
Works for me on 5.1
I don't think it's the rule but the combination of rules. Try reordering
your ruleset. I've had a problem
Hi list,
I'd like to blackhole some traffic. For instance, my AS is
12.34.56.0/20, so 12.34.58.0 might be announced, but is not necessarily
connected (internal routing via OSPFd).
On Cisco one uses:
ip route 0.0.0.0 0.0.0.0 Null0
This would throw any traffic headed to a network within my
Le 15 août 2012 à 16:16, L. V. Lammert a écrit :
On Wed, 15 Aug 2012, Mikkel Bang wrote:
But with so many people recommending so many different tools, it gets hard
to come to a conclusion. Looks like I'm finally arriving at this though:
postfix (postfix-anti-UCE.txt) + dspam - what do you
On Thu, Aug 16, 2012 at 11:41 AM, MERIGHI Marcus mcmer-open...@tor.at wrote:
carlopm...@gmail.com (C. L. Martinez), 2012.08.15 (Wed) 20:20 (CEST):
On Tue, Aug 14, 2012 at 10:00 AM, C. L. Martinez carlopm...@gmail.com
wrote:
Hi all,
I have some rules that I would like to redirect in
# pfctl -sr
pass all flags S/SA
pass in on pppoe0 inet proto tcp from src to dst port = flags S/SA
synproxy state
This is the only rule. Otherwise it's just 'pass all'. If I remove this
rule too *or* change synproxy to keep, the connection is working.
I remember being puzzled by
http://www.openbsd.org/cgi-bin/man.cgi?query=routeapropos=0sektion=0manpath=OpenBSD+Currentarch=i386format=html
Route has a -blackhole option, so you might try route add -blackhole
0.0.0.0/0 127.0.0.1
On Thu, Aug 16, 2012 at 7:47 AM, Bernd be...@kroenchenstadt.de wrote:
Hi list,
I'd like to
On Thu, 16 Aug 2012 14:47:25 +0200
Bernd be...@kroenchenstadt.de wrote:
Is there a way to achieve this on OpenBSD?
Directly from my mind...
To blackhole some google stuff.
route add -blackhole 8.8.0.0/16 127.0.0.1
/Martin
On Thu, Aug 16, 2012 at 02:47:25PM +0200, Bernd wrote:
Hi list,
I'd like to blackhole some traffic. For instance, my AS is
12.34.56.0/20, so 12.34.58.0 might be announced, but is not
necessarily connected (internal routing via OSPFd).
On Cisco one uses:
ip route 0.0.0.0 0.0.0.0 Null0
Ïðèìè ó÷àñòèå â àêöèè îò iCredit è îòïðàâëÿéñÿ íà ×åðíîå ìîðå!
Àêöèÿ ïðîâîäèòñÿ ïî 31 àâãóñòà âêëþ÷èòåëüíî
Ðàçûãðûâàþòñÿ 3 ïóòåâêè, êàæäàÿ èç êîòîðûõ ðàññ÷èòàíà íà 2-õ ÷åëîâåê, íà
Êðûìñêîå ïîáåðåæüå íà ïåðèîä áàðõàòíîãî ñåçîíà è ïîäàðêè ñóìêè äëÿ
ïóòåøåñòâèé.
Óñëîâèÿ àêöèè:
1. Äëÿ òîãî, ÷òîáû
On Thu, 16 Aug 2012 14:37:50 +0200
LEVAI Daniel l...@ecentrum.hu wrote:
On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
Any help would be appreciated.
Works for me on 5.1
I don't think it's the rule but
On cs, aug 16, 2012 at 17:18:08 +0200, Christopher Zimmermann wrote:
On Thu, 16 Aug 2012 14:37:50 +0200
LEVAI Daniel l...@ecentrum.hu wrote:
On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
Any help would be
On cs, aug 16, 2012 at 15:10:51 +0100, Kevin Chadwick wrote:
# pfctl -sr
pass all flags S/SA
pass in on pppoe0 inet proto tcp from src to dst port = flags S/SA
synproxy state
This is the only rule. Otherwise it's just 'pass all'. If I remove this
rule too *or* change synproxy
pass all flags S/SA
pass in on pppoe0 inet proto tcp from src to dst port = flags
S/SA synproxy state
Originally you posted pass in quick. Keep the quick in there, not for
any reason other than I have a quick in my rules. Same with the NIC, I
don't have any logical hopes for
copy; 2012 Conference Corporativo S.C.
Asista a los 45 Mejores Cursos en Meacute;xico de la Serie: CONTABILIDAD Y
FINANZAS Incluye Temas Criacute;ticos Sobre:
Cierre de Gestioacute;n, Observaciones y Responsabilidades
Cursos, Contenidos y Metodologiacute;as Desarrollados en Alianza con las
Mejores
¡Muy Importante!
Si no puede visualizar correctamente este correo, le pedimos que lo arrastre a
su Bandeja de Entrada
Apreciable Ejecutivo:
TIEM de México
Empresa Líder en Capacitación y Actualización de Capital Humano
Pone nuevamente a su disposición este exitoso curso denominado:
Comunicación
I'm not sure if it's relevant for your situation, but do you know
that, according to the iked(8) manpage, iked is 'not finished' and not
recommended for production networks? (See the last section -
'caveats')
It might be better to use isakmpd(8) with
ipsec(4)/ipsecctl(8)/ipsec.conf(5) if your
24 matches
Mail list logo