> On Friday 08 January 2010 06:04:34 Peter wrote:
>> Hi,
>> Playing around with FIBs and jails.
>>
>> The host system is on a private 172.xxx network with a gateway of
>> 172.xxx
>> going through a NAT box for internet. [fib 0]
>>
>> The jail has only a public IP, on fib 1 [with gateway being IS
On Friday 08 January 2010 06:04:34 Peter wrote:
> Hi,
> Playing around with FIBs and jails.
>
> The host system is on a private 172.xxx network with a gateway of 172.xxx
> going through a NAT box for internet. [fib 0]
>
> The jail has only a public IP, on fib 1 [with gateway being ISP router]
Hi,
Playing around with FIBs and jails.
The host system is on a private 172.xxx network with a gateway of 172.xxx
going through a NAT box for internet. [fib 0]
The jail has only a public IP, on fib 1 [with gateway being ISP router]
With this, the jail is working fine.
What I'm trying to acco
On Thu, Jan 7, 2010 at 10:19 PM, M. Keith Thompson
wrote:
> On Thu, Jan 7, 2010 at 2:37 PM, J65nko wrote:
>>> # SSH from NetEng subnet
>>> pass in quick log on $ext_if proto tcp from $net_eng to $ext_if port
>>> 22 keep state
>>>
>>> # Allow inside network to ping the server
>>> pass in quick on
I would not recommend allowing everyone under the sun ssh access to the box.
Either restrict it by outside IP if possible and if that is not possible at
least alter the port to prevent bots.
~Patrick
-Original Message-
From: owner-freebsd...@freebsd.org [mailto:owner-freebsd...@freebsd
Hello all
In an effort not to create yet another insecure server on the www I'd like
to ensure my pf.conf file is good and secure - will someone please review
this configuration and let me know your thoughts?
I only want to allow www and ssh inbound and have limited access also
outbound - this is
On 01/07/10 10:26, M. Keith Thompson wrote:
It does a list first to see which file to get. Then it tries to
download the 1st file.
It starts downloading the file around:
14:40:49.668739
Yep, I see that, the only anomaly is no '226 transfer complete' on the
command channel after the Fin + P
On Thu, Jan 7, 2010 at 2:37 PM, J65nko wrote:
>> # SSH from NetEng subnet
>> pass in quick log on $ext_if proto tcp from $net_eng to $ext_if port
>> 22 keep state
>>
>> # Allow inside network to ping the server
>> pass in quick on $ext_if proto icmp from $pingers to $ext_IP keep state
>>
>> # Allo
> # SSH from NetEng subnet
> pass in quick log on $ext_if proto tcp from $net_eng to $ext_if port
> 22 keep state
>
> # Allow inside network to ping the server
> pass in quick on $ext_if proto icmp from $pingers to $ext_IP keep state
>
> # Allow DNS lookups
> pass out quick on $ext_if proto udp to
It does a list first to see which file to get. Then it tries to
download the 1st file.
It starts downloading the file around:
14:40:49.668739
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, s
On 01/06/10 13:40, M. Keith Thompson wrote:
14:40:49.329499 IP vvv.zzz.226.92.50201> xxx.yyy.15.125.ftp: P
80:105(25) ack 755 win 17680
0x: 4500 004d 3160 3406 26e0 a4eb e25c E..M1`..4.&\
0x0010: 97a6 0f7d c419 0015 1590 303f bf82 ad2d ...}..0?...-