Re: How can sshuttle be used properly with FreeBSD (and with DNS) ?

2014-09-09 Thread Ian Smith
On Sat, 6 Sep 2014 02:52:22 +, John Case wrote: > I would like to use sshuttle (http://github.com/apenwarr/sshuttle) on > FreeBSD. > > I have it working for TCP connections, but it does not properly tunnel DNS > requests. The documentation for sshuttle says that ipfw forward rules will

Re: How can sshuttle be used properly with FreeBSD (and with DNS) ?

2014-09-09 Thread Ian Smith
On Tue, 9 Sep 2014 19:33:05, Ian Smith wrote: > add 1000 divert natd ip from any to any in recv xl0 > add 2000 divert natd ip from any to any out xmit xl0 Oops, 'ip' should nowadays be 'ip4|ipv4' for divert rules, if ip6 is configured on that interface. Last I heard, ip6 packets break dive

inpcb lookups in udp_send -> inpcb laddr and flowtable

2014-09-09 Thread Adrian Chadd
Hi! I found this whilst doing UDP RSS testing. root@adrian-hackbox:/home/adrian/work/freebsd/head/src/sys/net # sysctl debug.lock.prof.stats | head -2 ; sysctl debug.lock.prof.stats | sort -nk4 | tail -5 debug.lock.prof.stats: max wait_max total wait_total countavg wait_avg

[Bug 157287] [re] [panic] INVARIANTS panic (Memory modified after free)

2014-09-09 Thread bugzilla-noreply
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=157287 Joerg Wunsch changed: What|Removed |Added Status|In Discussion |Issue Resolved Resolution|-

Performance problem with slow link behind fast gateway

2014-09-09 Thread mailinglists
All, I'm seeing some performance problems with a slowish VPN connection behind a fast gateway, the setup looks like this: |--| |-| |client (zandbak) (DSL connection)| 'VPN tunnel' - |Gateway (vps) u

Re: How can sshuttle be used properly with FreeBSD (and with DNS) ?

2014-09-09 Thread John Case
On Tue, 9 Sep 2014, Ian Smith wrote: On Tue, 9 Sep 2014 19:33:05, Ian Smith wrote: > add 1000 divert natd ip from any to any in recv xl0 > add 2000 divert natd ip from any to any out xmit xl0 Oops, 'ip' should nowadays be 'ip4|ipv4' for divert rules, if ip6 is configured on that interface

Can I make this simple ipfw ruleset any more restrictive ?

2014-09-09 Thread John Case
I have a very simple firewall - it *blocks everything*, and the only traffic that is allowed is for internal clients to make outbound connections to tcp port 40. Also, internal clients can ping/traceroute. But that's it - no other connections in or out are allowed. I have this ruleset and i

Re: Can I make this simple ipfw ruleset any more restrictive ?

2014-09-09 Thread John-Mark Gurney
John Case wrote this message on Tue, Sep 09, 2014 at 23:37 +: > > I have a very simple firewall - it *blocks everything*, and the only > traffic that is allowed is for internal clients to make outbound > connections to tcp port 40. > > Also, internal clients can ping/traceroute. > > But tha

Re: Can I make this simple ipfw ruleset any more restrictive ?

2014-09-09 Thread Don Lewis
On 9 Sep, John Case wrote: > > I have a very simple firewall - it *blocks everything*, and the only > traffic that is allowed is for internal clients to make outbound > connections to tcp port 40. > > Also, internal clients can ping/traceroute. > > But that's it - no other connections in or ou