Hello Aleksic:
>
> no nat on $extIF inet proto {tcp, udp} from $intIF:network to
> $intIF2:network
> no nat on $extIF inet proto {tcp, udp} from $intIF2:network to
> $intIF:network
>
If nothing else, these rules won't match because the traffic isn't
traversing the External Interface.
no nat on $
Hello:
> #
> #interfaces #
> #
> ext_if="bce0"
> ext_if2="bce1"
>
I would also define your inside interface(s), not just your outside. Let's
call it "bce2" for the example:
int_if="bce2"
>
> #
> #allow all connections fro
Hello All:
> > What does sysctl vm.kmem_size_max show? Try increasing that size a
> > bit in loader.conf and see if that helps.
>
> Seconded. My guess is that the system flushes buffers when you first load the
> tables due to memory pressure, so when you load the tables a second time there
>
Hello All:
We are having memory issues with PF and 7.1p2 that we didn't experience with
6.3. Here's what happens.
# pfctl -f /usr/local/etc/pf.conf
/usr/local/etc/pf.conf:135: cannot define table smtpd_reject_policyd: Cannot
allocate memory
/usr/local/etc/pf.conf:139: cannot define table smtp
Hello All:
I'm wondering if it would be possible to create a mapping between an "outside"
IPv6 address and an "inside" IPv4 NAT (or round-robin group, to take it to the
next logical step) or vice versa? This would be on a FreeBSD 7.0 installation.
As a second note, if it's not supported now w
Hello Jeremy (et. al.):
We found the issue and I wanted to share the solution.
As before, this rule worked as expected:
# --
pass in quick on $vlan2_if inet proto tcp from any to port { ftp,
49152:65535 } modulate state flags S/SA
# --
However, when the following rule was in place, we couldn'
Hello All:
> pass in quick on $ext_if inet proto tcp from any to 72.20.106.8 port {
> ftp, 49152:65535 } modulate state flags S/SA
>
Thanks to Jeremy for the line above which works like a champ. The last piece
of the puzzle for me is to block all inbound ftp connections to servers other
than m
Hello All:
I am confused about using FTP through PF. We have been running with a working
ftp-proxy setup that allows our internal servers to ftp out with no trouble. I
am now interested in putting an FTP server behind my PF configuration and I've
not been too successful.
If I am running an F
Hello All:
I am confused about using FTP through PF. We have been running with a working
ftp-proxy setup that allows our internal servers to ftp out with no trouble. I
am now interested in putting an FTP server behind my PF configuration and I've
not been too successful.
If I am running an F
Hello David:
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-
> [EMAIL PROTECTED] On Behalf Of David Verzolla
> Sent: Thursday, September 27, 2007 9:25 AM
> To: freebsd-pf@freebsd.org
> Subject: Rule doubt
>
> Hi All,
> Its possible creates a rule that can match all t
Hello Vadym:
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-
> [EMAIL PROTECTED] On Behalf Of Vadym Chepkov
> Sent: Wednesday, April 11, 2007 9:24 PM
> To: [EMAIL PROTECTED]
> Subject: DMZ problem
>
> Hello everyone,
>
> I earlier asked a question about Amanda, stil
Hello All:
I have two 6.2 RELEASE servers working in failover mode as PF Load
Balancers. When the MASTER box is failed (through reboot or interface
shutdown, etc.) the BACKUP box becomes MASTER as expected, but
connections that existed through the MASTER before the failover do not
transfer as exp
12 matches
Mail list logo
