selective state flush

2008-04-03 Thread Jeff Santos
Hi, Suppose I have an anchor in PF that, when some condition is met, is loaded with a set of block rules. If the condition is met, the connections that were open before these block rules were loaded to the anchor are not dropped, correct? If so, is there some way to selectively drop some

spamd topology

2008-03-05 Thread Jeff Santos
Hi, Looking at some setups used in the past for spamd, I noticed that many prefer to use a separate internal NIC to connect to each MX instead of using the internal spamd NIC connected to a switch, where all MXs would be, including possibly other sub-domain MXs. Is there anything wrong or

high load spamd bridge in greylisting mode

2008-03-04 Thread Jeff Santos
Hi, I need to setup a bridge to run spamd in greylisting mode. Since there have been some changes in spamd recently and the ruleset that appeared in the article in the OpenBSD Journal in the past (http://undeadly.org/cgi?action=articlesid=20061108134508) is more appropriate for blacklist mode, I

greyscanner syntax error

2008-02-18 Thread Jeff Santos
Hi, I am trying to use the greyscanner within my anti-spam firewall. I installed some of the mentioned packages: # pkg_info gettext-0.14.6p0GNU gettext libiconv-1.9.2p3character set conversion library logsentry-1.1.1p2 logfile auditing tool lsof-4.77p0 list information about

Re: greyscanner syntax error

2008-02-18 Thread Jeff Santos
Hi, I did forget to mention I am running 4.2 STABLE on a i386 machine. Regards, Jeff. OpenBSD 4.2-stable (GENERIC) #0: Wed Dec 12 16:32:58 BRT 2007 OpenBSD.i386 -- Want an e-mail address like mine? Get a free e-mail account today at www.mail.com!

Re: brute force voip QoS

2008-02-07 Thread Jeff Santos
Hi Stuart and the others, pass out queue (std_out,lowdelay) here, you place ACKs from downloads at a higher priority than your voip calls. this is unlikely to be what you want with priq over a 140Kb/s link.. there are some other things you could look at too but changing this would be a

Re: brute force voip QoS

2008-01-30 Thread Jeff Santos
Hi, Thanks for your insights. - Original Message - From: scott [EMAIL PROTECTED] 1. Your topology: On the inside lan, are you hosting clients or service? So is this an outside-to-inside -or- an inside-to-outside problem? VoIP Clients. ATAs. This is an inside-to-outside problem.

brute force voip QoS

2008-01-23 Thread Jeff Santos
Hi, I would like to know if this is possible and how, regardless of what happened with other applications. I would like to setup PF so that, whenever an initial voip flow was detected, all other non-relevant traffic would be blocked, and normal packet flow being restored only after some voip

legitimate mail messages passing through SPAMD

2007-12-22 Thread Jeff Santos
Hi, I posted a question earlier, but I guess I was not clear. I have a firewall running OpenBSD 4.2 and SPAMD to block spam. I would like to know how many legitimate email messages SPAMD is letting in. The default spamd setup that comes in pf.conf is no rdr on $ext_if proto tcp from

SPAMD legitimate mail statistics

2007-12-21 Thread Jeff Santos
Hi, Is it possible to know how many legitimate SMTP connections have passed through SPAMD? In a setup like, no rdr on $ext_if proto tcp from spamd-white to any port smtp rdr pass on $ext_if proto tcp from any to any port smtp \ -> 127.0.0.1 port spamd Can I assume the number of

Re: ping: sendto: No route to host

2007-06-25 Thread Jeff Santos
OK... I know I did not give enough information to allow people help. So here are some more. The firewall works fine running routed most of the time. It is running 4.1-STABLE (below is a dmesg). I see a lot of interrupts on both internal and external interfaces sk0 and sk1. Something like 3600.

ping: sendto: No route to host

2007-06-21 Thread Jeff Santos
Hi, Other than a hardware problem (interface, switch, cabling, etc.), what could cause such an error? I have an OpenBSD 4.1 station configured as a firewall/router, in which the internal interface has address 200.232.120.1/24 and the external interface has address 200.232.140.3/24. Even when I

named X route monitor problem

2007-06-21 Thread Jeff Santos
Hi, I am running OpenBSD 4.1 on a firewall/router. For some unknown reason (to me), whenever I start the command nice route monitor after a little while, I begin to get an enormous quantity of messages like: got message of size 104 on ... RTM_MISS: Lookup failed on this address: len 104,

Re: RTM_ADD and RTM_LOSING

2007-06-14 Thread Jeff Santos
Hi, If enough packets are lost to prevent ARP from getting through, you might see that. Even if I use permanent ARP addresses, the problem continues to happen. One funny thing is that I had a shell window with an active successful ping to ftp.openbsd.org. In another window, after setting

RTM_ADD and RTM_LOSING

2007-06-13 Thread Jeff Santos
Hi, I keep getting these punt RTM_ADD without gateway in my /var/log/messages from the routed daemon. Once in a while, I get RTM_LOSING as well. I noticed that, even with a static default route, every now and then when I try to ping the default gateway, I get ping: sendto: No route to host. I saw a

Re: RTM_ADD and RTM_LOSING

2007-06-13 Thread Jeff Santos
Hi, Thank you very much. netstat -ni will not show a single error on any of the three interfaces. I do not think it has anything to do with PF, because the problem happens even with a pass quick rule. I use dlink DGE-530T nics and one onboard vr0. sk0:

dhcp server with 2 interfaces and 2 different subnets

2007-06-12 Thread Jeff Santos
Hi, I am trying to setup a DHCP server on a multi-homed firewall. One of the interfaces is vr0 and should supply addresses 172.16.255.x/24. The other is sk0 and should supply 200.232.140.x/24. My /etc/dhcpd.interfaces looks like sk0 vr0 My /etc/dhcpd.conf looks like shared-network LOCAL-NET {

Re: dhcp server with 2 interfaces and 2 different subnets

2007-06-12 Thread Jeff Santos
, Jeff. - Original Message - From: Brian A. Seklecki To: Jeff Santos Subject: Re: dhcp server with 2 interfaces and 2 different subnets Date: Tue, 12 Jun 2007 16:25:24 -0400 (EDT) The following: $ sudo tcpdump -i vr0 port bootpc || port bootps tcpdump -i sk0 port bootpc || port bootps

Re: simple spamd questions

2007-06-11 Thread Jeff Santos
Hi, Thank you very much. If they are blacklisted, the connected/disconnected message will name the blacklist(s) they are on. If they are greylisted, there will be no mention of lists in the log message. For example, from my logs, So if the host is greylisted the connection should not last

spamd inbound

2007-06-11 Thread Jeff Santos
Hi, The default setup in pf.conf makes spamd work on both directions: #no rdr on $ext_if proto tcp from spamd-white to any port smtp #rdr pass on $ext_if proto tcp from any to any port smtp \ # -> 127.0.0.1 port spamd What is the best way to tell PF that spamd should work only on inbound

Re: simple spamd questions

2007-06-10 Thread Jeff Santos
Hi, Thank you. Can I assume that all connected/disconnected messages I see in /var/log/daemon are from blacklisted hosts or some are still greylisted (undefined)? Regards, Jeff -- Get a Free E-mail Account at Mail.com! Choose From 100+ Personalized Domains Visit http://www.mail.com today

simple spamd questions

2007-06-09 Thread Jeff Santos
Hi, I am new to OpenBSD and SPAMD, so forgive me if I ask stupid questions. 1. When run in default mode (greylist), spamd knows the spammers come from blacklists in spamd.conf. But there is no spamd table in PF. How? 2. Is there one way to know how many and which are the blacklisted hosts at the