Here are entries with pass in log enabled:
19:59:08.149358 rule 5/0(match): pass in on bce1: 93.174.31.134.36872 >
38.X.X.X.22: Flags [S], seq 441726758, win 5840, options [mss
1460,sackOK,TS val 395810874 ecr 0,nop,wscale 7], length 0
And 38.x.x.x is the external ip of your gateway?! (my las
Check your pflog. The ruleset itself seems fine (if it is complete and
you did not forget to post
a vital part). We also can assume that pf is enabled, can we?
What should I be looking for in pflog? I can't find anything ssh related.
I posted full ruleset too.
[...]
[root@castor /var/log]# fo
Could somebody help in figuring out why PF configuration meant to prevent
brutal SSH attacks doesn't work.
Check your pflog. The ruleset itself seems fine (if it is complete and you
did not forget to post a vital part). We also can assume that pf is enabled,
can we?
Linda Messerschmidt wrote:
> 1) TCP connections (mainly port 80) sometimes take 3 seconds to get
> started instead of being virtually instant.
> 2) Sometimes HTTP connections just stop responding. (Client program
> times out waiting for response.)
> 3) Sometimes connections get weirdly dropped ("
文鳥 wrote:
On Wed, 7 Oct 2009 11:40:36 +0200
"Helmut Schneider" wrote:
I know the term "stealth firewall" very well. It's a worthless
marketing buzzword. It suggests users that it could prevent an attack
or even the scan itself. Neither is correct. This is what I want
文鳥 wrote:
On Tue, 6 Oct 2009 20:28:33 +0200
"Helmut Schneider" wrote:
文鳥 wrote:
On Tue, 6 Oct 2009 17:23:09 +0200
"Helmut Schneider" wrote:
From: "Nico De Dobbeleer"
I just finished installing FreeBSD 7.x with pf in transparant
bridging mode as the serve
文鳥 wrote:
On Tue, 6 Oct 2009 17:23:09 +0200
"Helmut Schneider" wrote:
From: "Nico De Dobbeleer"
I just finished installing FreeBSD 7.x with pf in transparant
bridging mode as the servers behind the firewall need to have an
public ipaddress. Now is everything workin
From: "Nico De Dobbeleer"
I just finished installing FreeBSD 7.x with pf in transparant bridging
mode as the servers behind the firewall need to have an public
ipaddress. Now is everything working fine and the FW is doing his job as
it should be. When I nmap the FW I see the open ports and clos
Max Laier wrote:
On Friday 09 January 2009 22:02:16 Helmut Schneider wrote:
since 4.3 and above finally support include-statements does anyone know a
roadmap when FreeBSD will switch from 4.1 to >= 4.3?
Short answer: As in any volunteer project, when somebody does the work.
Longer answer
Hi,
since 4.3 and above finally support include-statements does anyone know a
roadmap when FreeBSD will switch from 4.1 to >= 4.3?
Thanks, Helmut
--
No Swen today, my love has gone away
My mailbox stands for lorn, a symbol of the dawn
___
freebs
Max Laier <[EMAIL PROTECTED]> wrote:
On Friday 17 October 2008 18:43:49 Helmut Schneider wrote:
are there any plans/projects to support net-snmp like
http://www.packetmischief.ca/openbsd/snmp/#pfmib?
We have a pf-mib in bsnmpd, see
http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/
Hi,
are there any plans/projects to support net-snmp like
http://www.packetmischief.ca/openbsd/snmp/#pfmib?
Thanks, Helmut
--
No Swen today, my love has gone away
My mailbox stands for lorn, a symbol of the dawn
___
freebsd-pf@freebsd.org mailin
12 matches
Mail list logo
