> First, my setup - (NB, all servers mentioned are running
> 6-STABLE)
...
> # options for pf and spamd
> pf_enable="YES"
> pfspamd_enable="YES"
> pfspamd_flags="-g -v -p 8025"
> pfspamlogd_enable="YES"
I currently run FreeBSD 6.2-RELEASE-p7.
Checking,
grep PORTVERSION= /usr/ports/mail/spamd
hi greg,
There are a number of ways to do this.
Add the extra addresses as aliases to the internet facing interface. E.g
gw2:~ # cat /etc/rc.early /etc/rc.conf | egrep -i 'outside|alias' | sed -e
.
/sbin/ifconfig rue0 name outside
network_interfaces="lo0 outside inside"
ifconfig_outside="ine
hi,
i'm trying to do 1:1 (nat?) *outbound* address mapping using pf, but
NOT 'whole server' binat, but rather a single address&port. i'm close,
but no cigar ... any suggestions?
details follow ...
thanks!
i've a block of 8 static IPs, x.x.x.1 - x.x.x.8.
freebsd6.2-Rp5+pf are installed as my e
On 6/4/07, Volker <[EMAIL PROTECTED]> wrote:
without seeing your pf.conf ruleset,
happy to send/post if required/helpful ...
I guess you're using a ppp
connection to your upstream provider and firewalling on the tunX
interface (using tun0 as $ext_if).
you're absolutely correct here.
As Fr
hi,
i've fbsd 6.2R/p5, with pf compiled into a custom kernel.
on boot, pf is, apparently, not starting.
but, if i exec
/etc/rc.d/pf start
immediately after boot to prompt is done, then all's OK.
the only related (?) messages -- error or otherwise -- i've found are
on startup.
any id
hi,
i recommend assp : http://assp.sourceforge.net/
assp = anti-spam smtp proxy
if installed correctly it will sit in front of your smtp-server,
in my opinion it works awesome, and has lots of options, RBL being one
of them
now that looks very interesting. not familiar with it as yet. than
hi,
i use fbsd 6.2-release/p5's pf + spamd v4.1.1 to manage port 25 traffic.
in my pf.conf, i've
...
set require-order no
...
nat on $extif from $intif:network to any -> ($extif)
...
no rdr on $extif from to any tag MXbl
block log quick tagged MXbl label "(MXbl)"
...
rdr on $exti
hi,
i've freebsd 6.2-RELEASE + spamd-4.1.1 (yes, latest pre-release, _not_
the current port @ v3.7 ...).
spamd's stuttering & greylisting as I'd expect/hope.
it's currently started with (in /etc/rc.conf),
obspamd_enable="YES"
obspamd_flags="-v -l127.0.0.1 -G15:6:864 -4 -s5 -S10 -w1 -c 300 -B
2
hi,
I have a problem bringing up PF after a reboot of my 6.2 machine.
I tried pf_enable="YES" in /etc/rc.conf, but it doesn't seem to
get executed. /etc/rc.d/pf exists, also tried to declare pf_rules and
even pf_program without luck. I always have to do "pfctl -e -f
/etc/pf.conf" manually after
hi,
ahhh no i think what you mean with BLACK label,
(BLACK) 85.98.220.200: <[EMAIL PROTECTED]> ...
-> this line will only be displayed if a trapped host connects to your spamd
ah! missed the emphasis on 'trapped'. ok.
disconnected after 3920 seconds. lists: spamd-greytrap
-> this line will onl
hi,
OK, the line in syslog.conf looks fine.
Verbose logging is done with facility debug and the line catch this.
Do you have some entries in the /var/log/debug.log ?
hmmm. interesting. in /var/log/debug.log i've a few instances of
'verbose' spamd output, e.g.,
...
May 3 03:47:39 router spam
hi olli,
I believe this results from a reconfigure or reload from syslogd.
If you have not modified the syslog.conf try a restart of the spamd
utility.
i've rebooted/restarted -- both syslogd & the router itself -- a number
of times, with no apparent difference.
fwiw, my syslog.conf, atm, is,
hi,
i've freebsd 6.2-release + pf + spamd installed.
works great.
i've launched spamd as,
% ps -ax | grep -i spamd
989 ?? Is 0:01.42 spamd: (pf update) (spamd)
990 ?? I 0:00.44 /usr/local/libexec/spamd -v -n ESMTP -r450
-s5 -w1 -c 300 -B 200 -g -G25:4:864 -b 127.0.0.1 -p 8
# echo "no rdr pass from to any" | pfctl -vvnf-
stdin:1: "pass" not valid with "no"
that's a nifty way to check. thanks!
Maybe you want to tag those packets and block them later:
no rdr on em2 proto tcp from { , ! } to em2 port smtp
tag BLOCKME
...
block quick tagged BLOCKME
i'd gotten thr
On OpenBSD, I use spamd-setup which does exactly that with the
whitelist/blacklist tables.
good point. spamd-setup is, of course, available on FreeBSD as well.
in my specific case, is already populated in / use by pf
elsewhere, so populating spamd's table with it too seemed wasteful.
hence, i
hi jon,
"The no option prefixed to a translation rule causes packets to remain un-
translated, much in the same way as drop quick works in the packet filter"
i'd read through all the filter negation stuff, but missed that about the
translation negation completely :-/
thanks very much!
i suppose alternative would be to,
--- set require-order yes
+++ set require-order no
and put some
block quick
BEFORE those rdr's ... to prevent those addresses in from
ever seeing the redirection in the first place (which is probably
better anyway).
BUT, i've heard tell that disabling
hi jon,
Multiple tables in rules are tricky because they are not treated as
"sets" that can be arbitrarily compared (ie, IPs in table A that are
not in table B).
well a big aha!+grumble on my part ... thanks! for the clarification.
i did NOT understand that correctly :-(
so, *IS* there a way
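Pulling together the three points made in the replies above (the "no rdr ... tag" plus "block quick tagged" suggestion, the pf.conf(5) wording that a "no" translation rule stops translation the way "block quick" stops filtering, and the caveat that two tables in one rule are not a set difference), here is an added example pf.conf fragment. It is my own illustration for this page, not any poster's ruleset. The interface name tun0, the table names <mxbl> and <spamd-white>, the file path /etc/pf/mxbl, spamd listening on 127.0.0.1:8025 and the pf syntax of FreeBSD 6.2 (explicit "keep state") are all assumptions.

```pf
# Added example (not from the thread). Assumed: ext_if = tun0, tables <mxbl>
# and <spamd-white>, spamd started with -p 8025 on 127.0.0.1.
ext_if     = "tun0"
spamd_port = "8025"

table <mxbl>        persist file "/etc/pf/mxbl"   # senders we never want to talk to
table <spamd-white> persist                       # filled by spamd/spamd-setup once greylisting passes

# --- translation section ---------------------------------------------------
# With the default "set require-order yes" all nat/rdr rules are evaluated
# before any filter rule, and they are FIRST match.  The "no rdr" rules
# therefore have to be listed before the redirect they exempt from.

# 1. Blacklisted senders: not translated, but tagged so the filter can drop them.
no rdr on $ext_if inet proto tcp from <mxbl> to ($ext_if) port smtp tag MXBL

# 2. Whitelisted senders: not translated, so they reach the real MTA on port 25.
no rdr on $ext_if inet proto tcp from <spamd-white> to ($ext_if) port smtp

# 3. Everyone else is handed to spamd.  Note there is no
#    "from { <mxbl>, !<spamd-white> }" here: a list in one rule expands to two
#    independent rules, it does not compute "in <mxbl> but not in <spamd-white>".
rdr on $ext_if inet proto tcp from any to ($ext_if) port smtp -> 127.0.0.1 port $spamd_port

# --- filter section --------------------------------------------------------
# Tagged packets never get a state and show up in pflog under the label.
block log quick tagged MXBL label "mxbl"

# After translation the redirected connections are addressed to 127.0.0.1:8025.
pass in log on $ext_if inet proto tcp from any to 127.0.0.1 port $spamd_port \
        flags S/SA keep state label "spamd"

# Untranslated (whitelisted) senders still carry the public address as destination.
pass in log on $ext_if inet proto tcp from <spamd-white> to ($ext_if) port smtp \
        flags S/SA keep state label "smtp-white"
```

The parentheses in ($ext_if) make pf re-read the address of a dynamic interface such as a ppp tun device each time the rule is evaluated. Check the fragment the same way as the "no rdr pass" experiment earlier in the thread, with `pfctl -vvnf /etc/pf.conf`, before loading it; the labels then show up in `pfctl -vvsr` and in the pflog output, which is what makes the blocked blacklist hits easy to pick out of the log.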
hi,
i've set up pf+spamd on FreeBSD 6.2-RELEASE.
IPs that i've blocked seem to be sneaking through to spamd ... not
always, apparently :-/
i'm guessing i've borked config, or there's an overflow of something
... dunno, yet.
i've config'd pf as follows,
pf.conf
--
..
i'm using FreeBSD v6.2-RELEASE + pf + pflog.
firewall works great, and i can watch real-time output on
logging_device:pflog0 with,
tcpdump - -nei pflog0
i'd like to archive & rotate the logs as well, so, following instructions at,
"Packet Logging Through Syslog"
ht
hi max,
A small awk/perl/python/ruby/...-filter should get you running. Simply
suck in "pfctl -vvsr" output and build an associative array rule# ->
label and then just search and replace.
that's an alternative. i'll have to figure out how with which script
lang (for lowest overhead on an emb
hi,
i typically tail my pf-log with "tcpdump -vvnei pflog0".
this, of course, displays the matched "rule #", e.g.,
2007-04-18 13:07:11.363065 rule 40/0(match): pass in on tun0: (tos
0x0, ttl 54, id 10, offset 0, flags [DF], proto: UDP (17), length:
70) 144.160.112.22.37572 > 192.16