Okay. I have a problem that I can't get my brain around and I need
some help. My wife needs to connect to her VPN at work. I've
captured packets for her connection and see that it's connecting to
her work server on ports 53 (dns) and 500 (isakmp).
I have been doing a lot of reading
jared r r spiegel wrote:
yup. by seeing what was dropped.
i _always always always_ keep block return log all as the first real
rule in my pf.conf. whether or not you want to return or drop is of
course a matter of taste ( i do drop some things later in a more
specific rule ), and
R T wrote:
Yeah, dns wasnt set on the laptop, not too bright today. Its working fine now.
Now to learn about making it an actual firewall :) Thanks guys for the help!
R.T.
No problem, RT. Good luck.
rvb
I have been racking my brain and reading, but can't figure out how to
setup pf to pass or rdr ident requests to the the proper client
(behind the firewall) that is trying to connect to an irc server. I
want to rdr the auth (port 113) request coming into my firewall to
whichever machine is
Kevin wrote:
I do not think this is technically possible without extensive effort,
nor desirable. The 'ident' (auth, tap, TCP/113) protocol is no longer
very useful for the original purpose, but it is still required by IRC servers.
Many systems and firewalls, including OpenBSD (via the '-H'
Kevin wrote:
On Sun, 30 Jan 2005 15:41:41 -0600, Rick Barter [EMAIL PROTECTED] wrote:
Kevin wrote:
I do not think this is technically possible without extensive effort,
nor desirable. The 'ident' (auth, tap, TCP/113) protocol is no longer
very useful for the original purpose, but it is still
Renato wrote:
why I can see these arp request?
192.168.205.0 is my internal network and I don't want that from
external network sameone could loock at my internal address ...
Renato,
As far as I know (and from what I've read) this is normal and nothing
to be alarmed about. Also, I think if
I use tcpdump to trouble-shoot my firewall, set up my rules, etc. I
found the -x option which dumps the packet in hex. Can I view the
packet data with tcpdump or do I need to install Ethereal or something?
Any help is appreciated.
rvb
eric wrote:
On Tue, 2005-06-07 at 22:05:33 -0700, craSH proclaimed...
tcpdump is pretty much just for inspecting the headers of packets, to
capture data and entire sessions, snort would be a good tool to use.
Wow, quit spreading bad information.
tcpdump(8) is to capture packets, in full