On Mon, 18 Jun 2018 12:08:33 +0200 "Kristof Provost" said
On 18 Jun 2018, at 0:19, Chris H wrote:
> Sorry. Looks like I might be coming to the party a little late. But I'm
> currently running a 9.3 box that runs as an IP (service) filter for much
> of a netwo
On Mon, 18 Jun 2018 12:21:47 +0200 "Kurt Jaeger" said
Hi!
> > So loading all entries in to empty table works fine, but reloading
> > didn't work.
> Sorry. Looks like I might be coming to the party a little late. But I'm
> currently running a 9.3 box that runs as an IP (service) filter for muc
On Thu, 14 Jun 2018 21:44:08 +0200 "Miroslav Lachman" <000.f...@quip.cz> said
Dave Horsfall wrote on 2018/06/14 19:40:
> I can't get access to kernel sauce right now, but I'm hitting over 1,000
> entries from woodpeckers[*] etc; is there some upper limit, or is it
> just purely dynamic?
>
>
On Tue, 10 Oct 2017 16:11:23 + Mark Raynsford
wrote
> Hello.
>
> What is the syntax for specifying a range of IPv6 addresses in rules?
>
> I want to write rules of the form:
>
> pass out log quick on $nic_ppp inet6 proto tcp from
> 2001:db8:8:10::/64 to any port 80 modulate state
>
> But
On Fri, 1 Sep 2017 08:21:10 +1000 (EST) Dave Horsfall wrote
> Hmmm, no replies. Does this mean that no-one is using this useful
> feature, is using it but is not willing to share, or it's known not to
> work at all and are too embarrassed to say so?
Hello, Dave.
I'm not going to pretend that
On Sat, 1 Apr 2017 08:29:41 +1100 (EST) Dave Horsfall wrote
> Does anyone have a PF rule that actually blocks woodpeckers? I have this
> rule:
>
> pass inet proto tcp from any to any port smtp \
> flags S/SA keep state \
> (max-src-conn 10, max-src-conn-rate 2/20, \
> overload
On Thu, 30 Mar 2017 08:20:55 +1100 (EST) Dave Horsfall
wrote
> On Wed, 29 Mar 2017, Martin MATO wrote:
>
> > In the first case, you should prefer setting greylisting / tarpitting
> > at minimum, feeding a firewall table for blacklisting is a never-ending
> > story (plus, there is some real c
On Wed, 29 Mar 2017 22:57:48 +0200 (CEST) Martin MATO
wrote
> > Message of 29/03/17 22:05
> > From: "Chris H"
> > To: "FreeBSD pf"
> > Cc:
> > Subject: When should I worry about performance tuning?
> >
> > OK. My associat
On Wed, 29 Mar 2017 22:19:58 +0200 "Kristof Provost" wrote
> On 29 Mar 2017, at 22:06, Chris H wrote:
> > OK. My association with FreeBSD has made me a prime
> > target for every male hormone distributor on the net.
> > Fact is; I can guarantee ~89 SPAM attempt
OK. My association with FreeBSD has made me a prime
target for every male hormone distributor on the net.
Fact is; I can guarantee ~89 SPAM attempts in under 5
minutes, after creating a pr on bugzilla. At first I
was angry, and frustrated. But decided to make it a
challenge/contest, and see my way
Greetings,
I've depended upon pf for many years, but somewhere between
updating my servers from 9 to 11, and 12, I seem to have
lost getting the daily statistics from pf.
Does anyone know what changed, and what I need to do to
get those reports back?
Thanks!
--Chris
On Thu, 19 May 2016 11:48:28 +0200 Radek Krejča
wrote
> Hello,
>
> I have a FreeBSD router with pf for NAT and firewall. There are 2 NICs, one for
> incoming traffic from the internet and a second for traffic to clients. On
> internal NIC are a lot of vlans.
>
> I need to make traffic shaping for all
On Thu, 12 May 2016 11:09:57 -0700 J Green wrote
> Hello all:
>
> Can pf simultaneously redirect to multiple, internal hosts?
>
> Source -> UDP traffic -> pf (redirection) -> Host1
> -> Host2
>
On Sun, 5 Jul 2015 12:26:28 -0400 Mike wrote
> On 7/5/2015 12:08 PM, Jason Hellenthal wrote:
> > Add more -v's
> >
>
> This command
>
> # pfctl -t FullBlock -Tshow
>
>
> still did not show the counters.
Interestingly enough, I run into the same issue, and I
have ALTQ enabled in my kernel
On Mon, 27 Oct 2014 16:37:43 + Gary Palmer wrote
> On Mon, Oct 27, 2014 at 05:30:57PM +0100, Cristiano Deana wrote:
> > On Mon, Oct 27, 2014 at 5:24 PM, Gary Palmer wrote:
> >
> > Hi
> >
> > >> For example, I need to block only 100 IPs in the range:
> > >> 10.0.0.1-10.0.0.100
> > > tabl
> I have a pf rule (FreeBSD 9.2) that uses a table to block access from
> specific networks.
> This morning I found the following situation:
>
> 12 attempts from an address in one of the blocked network to access the
> server. All were
> blocked and marked as such with the proper rule number in
On 8/20/2012, "J David" wrote:
>Unfortunately, I think my reference to DDOS attacks has distracted
>from the underlying issue.
>
>PF allows a rule like this:
>
>pass in proto tcp from any to any port www keep state (max 100,
>source-track rule, max-src-states 3)
>
>(adapted from the man page)
>
Quoting Doug Poland <[EMAIL PROTECTED]>:
David DeSimone wrote:
Doug Poland <[EMAIL PROTECTED]> wrote:
I have DNS resolution, the problem ( I think ) is in that pf simply
sees the packet destined for my single public IP (because all my
public host
Quoting Dave <[EMAIL PROTECTED]>:
Hello,
I've got a machine running ssh and I'm trying to cut down on brute
force attacks on it. I'm running pf on a FreeBSD 6.2 box and have
added in swatch to try to curb these attacks. The problem is nothing
is being added to either the memory hackers ta