Re: how to route to a local server thru PF router

2006-11-23 Thread Max Laier
On Thursday 23 November 2006 02:38, [EMAIL PROTECTED] wrote: > Hi, > > The PF router I setup is an Internet router that allow people access > the Internet. But in the mean time, this PF router also connected to a > local freebsd server. As a user behind the PF router, i also want to > ssh into the

Re: how to route to a local server thru PF router

2006-11-23 Thread Jon Simola
On 11/22/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: The current NAT rules in the PF router setup as: # pfctl -a NATRULES -sn nat on sis0 inet from 192.168.1.0/24 to any -> (sis0) round-robin nat on sis0 inet from 172.17.3.0/24 to any -> (sis0) round-robin nat on sis0 inet from 10.1.10.0/2

Re: rate limit with pf instead of IPFW

2006-11-23 Thread Jon Simola
On 11/23/06, John Smith <[EMAIL PROTECTED]> wrote: > > Could someone please give me full example to setup > > limit {src-addr | src-port | dst-addr | dst-port} to do what IPFW > > 01000 allow tcp from any to me setup limit src-addr 5 currently does Could you please post your pf.conf with the r

Re: rate limit with pf instead of IPFW

2006-11-23 Thread Max Laier
On Thursday 23 November 2006 20:01, John Smith wrote: > On 11/23/06, Jon Simola <[EMAIL PROTECTED]> wrote: > > On 11/23/06, John Smith <[EMAIL PROTECTED]> wrote: > > > Greetings BPF gurus! > > > > PF? bpf is different and has little to do with firewalling. > > > > > Could someone please give me ful

Re: how to route to a local server thru PF router

2006-11-23 Thread Gilberto Villani Brito
Dont you have anothers no nat rules Try: pass in from 172.17.3.0/24 to 10.1.10.0/24 Gilberto 2006/11/22, [EMAIL PROTECTED] <[EMAIL PROTECTED]>: Hi, The PF router I setup is an Internet router that allow people access the Internet. But in the mean time, this PF router also connected to a

Re: rate limit with pf instead of IPFW

2006-11-23 Thread John Smith
On 11/23/06, Jon Simola <[EMAIL PROTECTED]> wrote: On 11/23/06, John Smith <[EMAIL PROTECTED]> wrote: > Greetings BPF gurus! PF? bpf is different and has little to do with firewalling. > Could someone please give me full example to setup > limit {src-addr | src-port | dst-addr | dst-port} to do

Re: rate limit with pf instead of IPFW

2006-11-23 Thread Jon Simola
On 11/23/06, John Smith <[EMAIL PROTECTED]> wrote: Greetings BPF gurus! PF? bpf is different and has little to do with firewalling. Could someone please give me full example to setup limit {src-addr | src-port | dst-addr | dst-port} to do what IPFW 01000 allow tcp from any to me setup limit s

rate limit with pf instead of IPFW

2006-11-23 Thread John Smith
Greetings BPF gurus! I have this rule in IPFW 01000 allow tcp from any to me setup limit src-addr 5 This rule as you know doesn't allow more than 5 connections per ip to connect to my server in same time. The problem with the IPFW, it doesn't allow me to set it with seconds, so what I need to