Hello All,
Just a quick question. I am doing scrub on my upstream OpenBSD server.
Will this work as a temporary workaround for this security flaw (below)
in FreeBSD?
Regards
Mark
-Forwarded Message-
From: FreeBSD Security Advisories [EMAIL PROTECTED]
To: FreeBSD Security Advisories
. I work so fast I'm always finished
On Sat, 25 Oct 2003, Pyun YongHyeon wrote:
On Fri, Oct 24, 2003 at 04:53:20PM +0200, Daniel Hartmeier wrote:
On Fri, Oct 24, 2003 at 04:44:54PM +0200, Mark Bojara wrote:
blowfish:~# tcpdump
, Mark Bojara wrote:
rdr on ! tun1 inet from 192.168.0.2 to any - 192.168.0.1
rdr and route-to do two different things in your setup, it's not clear
yet what you really want:
a) route-to will not modify the IP layer, it will just cause the
packets to get sent to the MAC address of 192.168.0.1
On Fri, 24 Oct 2003, Daniel Hartmeier wrote:
On Fri, Oct 24, 2003 at 04:07:20PM +0200, Mark Bojara wrote:
I want option a. It must route the packet to 192.168.0.1 exactly how it is
without modifying any headers. on 192.168.0.1 there is NAT on it wich will
handle translation.
Ok, so let's
reall dislike ipfw and would like to get the whole
system working on PF.
Thanks alot
Mark Bojara
mbuf tags get lost as soon as the packet leaves the
kernel, in either direction - userland, or network.
not really a way around it.
On Wed, Oct 15, 2003 at 10:15:07PM +0200, Mark Bojara wrote:
Hello All,
Im running a HFSC setup with a squid server hosted on the same machine. I
am having
..
Regards
Mark
What do batteries run on?
On Sun, 3 Aug 2003, Mark Bojara wrote:
Hello Trevor/Daniel,
Sorry for late reply I was on leave. When I only have a pass log
: A device for finding furniture in the dark.
On Thu, 31 Jul 2003, Trevor Talbot wrote:
On Wednesday, Jul 30, 2003, at 16:24 US/Pacific, Mark Bojara wrote:
Here is my tcpdump of pflog0:
Jul 31 01:23:48.272259 rule 1/0(match): block
Hello,
I have set up vlan's on my 3com switch with vlan devices on my openbsd
server to accomodate my altq properly. However I can not seem to tag any
packets on vlan1 or xl0 (parent interface). The prupose is to do both
incoming/outgoing queue's on normal interface's my setup works fine. How
can
Hello Daniel,
Sorry my mistake, The packets are being tagged. However I do not have any
incoming or outgoing access. This is probably a error with my filters. Do
you have any advice on what i could try?
Thanks
Mark
(A)bort,
Hello Ryan,
fxp0 is the uplink interface and xl0 is the interface that the vlan is
connected too. If i tcpdump xl0 I can see traffic from all the vlan's on
it.
Regards
Mark
Universe is a big place... perhaps the biggest
like Frankenstein's hand-me-downs.
On Thu, 31 Jul 2003, Daniel Hartmeier wrote:
On Thu, Jul 31, 2003 at 12:40:53AM +0200, Mark Bojara wrote:
The packets get blocked after fxp0 and do not reach vlan1. Basically I
want to do incoming
Hello All,
How can I allow passive ftp to certain hosts? I know that you can do it by
allowing ports 49152-65535 to the host but that isnt very secure, is there
a better way?
Thanks
Mark
Hello,
Ive just been thinking of a possible solution to my problem on previous
thread. How about I create vlan's and bridge them together. So that it
forms something like:
fxp0--altq--virtual interface--altq--dc?--host
ive tried doing something like:
ifconfig vlan0 vlan 1 vlandev dc0
Hello Trevor,
Thanks for the advice, Ive tried to have one rule to catch both directions
but if it is outgoing traffic then the keepstate will automatically
allocate the incoming packets that are comming back to the same queue. But
if the request originated from a incoming request there is no way
it?
On Wed, 23 Jul 2003, Trevor Talbot wrote:
On Tuesday, Jul 22, 2003, at 23:46 US/Pacific, Mark Bojara wrote:
Thanks for the advice, Ive tried to have one rule to catch both
directions but if it is outgoing traffic then the keepstate
Hello,
I was wondering if its possible to either set up one queue on a single
interface to do both incoming and outgoing traffic? (probably not
possible)
Or maybe possibly having it on split interface's but assigned to one
queue. eg:
pass out on dc1 from za to 196.34.165.210 keep state queue
.
On Wed, 23 Jul 2003, Trevor Talbot wrote:
On Wednesday, Jul 23, 2003, at 03:36 US/Pacific, Mark Bojara wrote:
I understand what you mean but this is only for a outgoing connection
with keepstated incoming. If another completely different incoming
Talbot wrote:
On Wednesday, Jul 23, 2003, at 10:21 US/Pacific, Mark Bojara wrote:
I was wondering if its possible to either set up one queue on a single
interface to do both incoming and outgoing traffic?
No, not at present.
Or maybe possibly having it on split interface's but assigned
Hello All,
I am running OpenBSD 3.3-current with HFSC queueing and stateful filters.
If I enable my stateful filters anything defined via those filters does
not go through my queue filters and gets unlimited bandwidth.
Below is my pf.conf file, When I access 196.34.165.210 via ftp my
bandwidth
20 matches
Mail list logo
