On Sun, Feb 24, 2019 at 01:43:08PM +0700, Frank Beuth wrote:
> Is it possible to restrict network access on a per-user or per-application
> (rather than per-port) basis?
>
> pf does not seem to have any capability to do this, maybe I missed something.
>
Don't know what you are aiming to do but
On Sun, Feb 24, 2019 at 09:09:06AM +0100, Denis Fondras wrote:
On Sun, Feb 24, 2019 at 01:43:08PM +0700, Frank Beuth wrote:
Is it possible to restrict network access on a per-user or per-application
(rather than per-port) basis?
pf does not seem to have any capability to do this, maybe I
On 2019-02-24, Frank Beuth wrote:
> On Sun, Feb 24, 2019 at 09:09:06AM +0100, Denis Fondras wrote:
>>On Sun, Feb 24, 2019 at 01:43:08PM +0700, Frank Beuth wrote:
>>> Is it possible to restrict network access on a per-user or per-application
>>> (rather than per-port) basis?
>>>
>>> pf does not
On 2019/02/24 21:44, Frank Beuth wrote:
> On Sun, Feb 24, 2019 at 09:56:12AM -, Stuart Henderson wrote:
> > PF 'user' should do the trick. Note: it only works for TCP/UDP but for
> > this you should be able to do something like
> >
> > block all
> > pass inet proto tcp to 192.0.2.1 port 22
I've been experimenting with implementing something like vmmci(4) for
Linux guests. It's started to prove useful to myself so maybe others
will benefit, even though there are currently some caveats[1].
https://github.com/voutilad/virtio_vmmci
My primary use case is keeping some Linux guests
Hi,
I am playing with rad(8) in my LAN:
cat /etc/rad.conf
interface trunk0 {
prefix fd94:eb64:36ae:44b9::/64
default router yes
dns {
nameserver fd94:eb64:36ae:44b9::1
}
}
and IP addresses are assigned as expected, but problem is that rad(8) send
router address from link-local
On Sun, Feb 24, 2019 at 09:56:12AM -, Stuart Henderson wrote:
PF 'user' should do the trick. Note: it only works for TCP/UDP but for
this you should be able to do something like
block all
pass inet proto tcp to 192.0.2.1 port 22 user sshtunnel
Thanks. You say "only works for TCP/UDP",
Yes, right in the default pf.conf they block the pbuild user:
block return out log proto {tcp udp} user _pbuild
On 2/23/19 10:43 PM, Frank Beuth wrote:
Is it possible to restrict network access on a per-user or
per-application (rather than per-port) basis?
pf does not seem to have any
On Sun, Feb 24, 2019 at 03:12:31PM +, Stuart Henderson wrote:
Basically I'm trying to say, if you wanted to do it the other way round
(pass by default, block certain traffic) you wouldn't be able to block
everything.
If you're trying to stop all possible paths something on the system
might
yes, OK so how to use prefix range then ? What if I want explicitly set some IP
as router?
Sent with ProtonMail Secure Email.
‐‐‐ Original Message ‐‐‐
On Monday, February 25, 2019 12:33 AM, Delan Azabani wrote:
> At 05:25, kolargol kolar...@protonmail.com wrote:
>
> > How should I
Excuseme that I ask instead of inspecting rc files. :)
I do manually
bioctl -c C -l /dev/XXX softraid0
and mount the resulting device.
Should I manually unmount and do "bioctl -d " before shutdown?
Or just shutdown? The umount will sure be done, but also the bioctl -d?
Thanks
Rodrigo
Hi Anton,
li...@wrant.com wrote on Sun, Feb 24, 2019 at 09:00:27AM +0200:
> Probably, FreeBSD-12.0 was positioned out of group in the drop down list.
> The drop down list is (intentionally) not sorted https://man.openbsd.org/
Actually, i do keep the drop-down-list sorted, as follows:
1.
At 05:25, kolargol wrote:
> How should I fix it ? Or what I am doing wrong ?
The link-local router address is correct. RFC 4861 § 4.2 says:
> Source Address
> MUST be the link-local address assigned to the
> interface from which this message is sent.
thanks everyone for their feedback.
I ended up backing up internal emmc drive and disklabel
dd if=/dev/rsd1c of=emmc_4G_backup/factory_linux.img bs=8225280 count=481
next step is install on internal drive.
New question, is there a way to mount Squashfs filesystem on OpenBSD?
file
Hoping to clarify the necessity of HTTPD SIGUSR & specifically the following
error located in the daemon log.
httpd[59510]: parent_sig_handler: reopen requested with SIGUSR1
At this point it appears that SIGUSR1 is a definable signal.
However the following command forcibly closes the current
15 matches
Mail list logo