Greetings! Included below is my pf.conf set up to use
dansguardian (proxyport 3128, filterport 8080)
and tinyproxy (listen port 3128) as a transparent
proxy.
What changes do I need to make to keep someone on
int_if/int_net from circumventing dansguardian
by changing their browser to point to
On 4/18/07, Reyk Floeter [EMAIL PROTECTED] wrote:
On Tue, Apr 17, 2007 at 05:34:48PM -0700, [EMAIL PROTECTED]
wrote:
I run an openbsd firewall. I want to block certain sites either
by IP
address or by domain name. How do I get more information on how
to set
this up?
Thanks in advance.
--- Darrin Chandler [EMAIL PROTECTED] wrote:
...
Here is a good place, and there's also a pf mailing list as well
(pf@benzedrine.cx).
...
Is this mailing list still active? I subscribed about a month
ago and have yet to receive a single e-mail.
The archives show no messages after Nov '05.
[snip]
My favorite solution is rsnapshot in ports. It beats rsync and scp
because not only does it allow you to specify what and when to
backup,
but it uses hard links. What's that got to do with anything? Well it
rsyncs everything on the first backup, and only the differences
there
after.
Dear All,
Everything is working now: caching DNS server, pf, dhcp, and
tinyproxy.
For the record, these really were my friends:
1. pfctl -g -s rules | grep '^@'
2. tinyproxy compiled with --enable-debug
3. this list (awe shucks!)
Tinyproxy.conf ended up being the culprit but not without a
I would ask: does it still work under 3.8? I'm not so sure 3.9
is the culprit.
MS security updates hose this kind of stuff all the time (at least
for me).
Take care,
Allen
--- Tim [EMAIL PROTECTED] wrote:
I may be beat up for asking this question, but I'll endure it if it
leads to an
Good morning,
I am having problems getting tinyproxy 1.6.3 to run transparently
with pf.
I recompiled/reinstalled tinyproxy with --enable-transparent-proxy
and restarted my system.
I figured the key is to start simple and build from there.
So, I set up the most simplistic pf ruleset: pass
--- Stuart Henderson [EMAIL PROTECTED] wrote:
On 2006/06/12 04:20, Allen Theobald wrote:
I recompiled/reinstalled tinyproxy with --enable-transparent-proxy
and restarted my system.
Double-check you're running the new binary...ports/packages might
not put files in the same place
Hello!
For installing a package how can I tell what the configure
script (./configure) or command line arguments to the build were?
Take care,
Allen
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Greetings,
I get transparent proxying with squid and pf.
I get dansguardian and pf.
What I don't get is squid, dansguardian, and pf.
pf.conf fragment:
int_if=gem0
ext_if=kue0
# redirect to squid
rdr on $int_if inet proto tcp from any to any \
port www - 127.0.0.1
Greetings and thank you all for your replies.
Thanks to all your suggestions I finally got it going with a caching
DNS server.
I understand this particular approach and am grateful to have it
working.
Being somehwat of a geek I am not content with merely getting it
working, though! :^)
In case anyone was going to answer this. :^)
Forget this followup.
In my rush to get an answer I didn't actually think about what I
was asking at the end (thanks to Jeff Quast for pointing this out).
Take care,
Allen
Tired of spam? Yahoo! Mail has the best spam protection around
Greetings everyone!
This question has to do with PF and DNS from my internal network to my ISP.
Here is what I have done:
Set /etc/sysctl.conf
net.inet.ip.forwarding=1
Set /etc/rc.conf
pf=YES
Used the pf.conf file from the FAQ
(http://www.openbsd.org/faq/pf/example1.html).
Greetings everyone!
Apologies in advance if this came through already.
This question has to do with PF and DNS from my internal
network to my ISP.
Here is what I have done:
Set /etc/sysctl.conf
net.inet.ip.forwarding=1
Set /etc/rc.conf
pf=YES
Used the pf.conf file from the FAQ
14 matches
Mail list logo
