PF ruleset stymying my PPPoE testing, or am I just confused?

2010-12-30 Thread Jonathan Rogers
Trying to set up a new telco fiber connection on my OpenBSD router/firewall (this is an OLD box with OpenBSD 3.8 on it...sorry). I can't put the new telco connection live as the default yet, because it will affect all users, and I need to do some testing first. But I'm not quite sure I (a)

Re: Clear statistics just for anchor rules?

2006-02-11 Thread Jonathan Rogers
Thanks much! ...but pfflowd is tremendous overkill for my situation (where I just want to collect a few arbitrary traffic stats for a dozen IPs at most). Nor do I have a second box to devote to stats collection, nor the ability to parse Cisco Netflow data (which is what pfflowd outputs). I'd

Clear statistics just for anchor rules?

2006-02-09 Thread Jonathan Rogers
OpenBSD 3.8 here. I'm keeping accounting stats on one subnet (my wireless users). Each user (about a dozen in all) has a static IP address and there's a separate, labeled counting rule for each one: pass in quick on $wls_if inet from 192.168.0.123 to ! wls_forbidden_nets flags S/SA keep

Re: pf won't pass some port 53 traffic even when asked nicely to

2005-12-21 Thread Jonathan Rogers
I'm the OP, and following up my own posting with the results (and a small rant). When I created a new, separate rule that passed UDP and TCP for port 53 only, things appeared to start working, and I see no more blocked domain traffic. Although I was certain I did exactly this earlier (or the

Re: pf won't pass some port 53 traffic even when asked nicely to

2005-12-20 Thread Jonathan Rogers
Would it be because dns sometimes talks UDP? (I forget the details.) Thanks - that was my first thought, but (a) the blocked packets show up as TCP, not UDP, and (b) I still had the problem even when I added UDP explicitly to the pass rule I show. So I'm still stuck. /jon/

Re: pf won't pass some port 53 traffic even when asked nicely to

2005-12-20 Thread Jonathan Rogers
DNS primarily goes over UDP. You need to open up udp/53. Again, I opened up both TCP and UDP ports, but the effect was the same. In any case, refer back to the original posting - the blocked packet from the tcpdump shown is clearly of a TCP packet (it would say UDP at the end otherwise). the

pf won't pass some port 53 traffic even when asked nicely to

2005-12-19 Thread Jonathan Rogers
My new OpenBSD 3.8/pf firewall setup seems now to mostly be doing what it's supposed to. One lingering problem, though, that I just can't find the source of. I'm getting occasional log messages like this (standard tcpdump format): Dec 18 05:55:43 rule 33/(match) block in on xl2: 192.168.3.2.34353

Missing something obvious about NAT (openbsd/pf)....?

2005-12-13 Thread Jonathan Rogers
Subject says it. I'm trying to bring up a new firewall with OpenBSD 3.8 + pf to replace the aging Linux one here, and something is not clicking for me between the ears. Right now all I'm trying to do is get NATing working between the internal network and the internet, but I'm not even getting that

Re: Missing something obvious about NAT (openbsd/pf)....?

2005-12-13 Thread Jonathan Rogers
Daniel: A _lot_ just fell into place that wasn't connecting before. Thanks for providing the missing link, not to mention for pf itself. Much, much appreciated. -Jon-