On Mon, Jul 26, 2010 at 05:26:21AM -0700, Justin wrote:
> When using synproxy state - the connection never completes. If we change
> synproxy to keep, everything works fine. Alternately, if the service in
> question is running locally on the actual firewall itself, I'll see
> state entries show
Hey,
As of time being, we still include pf as of OpenBSD 4.1 (released May 2007).
Recently syntax has changed a lot in the releases of pf in OpenBSD 4.7,
just notice that "nat-to" and "rtr-to" are now part of the
pass-commands. This means also means that refereeing to the OpenBSD FAQ
from th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2010/07/27 18:23, Kristian Kræmmer Nielsen wrote:
> Hey,
>
> As of time being, we still include pf as of OpenBSD 4.1 (released May
> 2007).
>
> Recently syntax has changed a lot in the releases of pf in OpenBSD 4.7,
> just notice that "nat-to"
> "Kristian" == Kristian Kræmmer Nielsen writes:
Kristian> The later version of pf is easier to use.
Indeed, but when I asked this a while back, one of the issues is that
the new syntax is *not* upward compatible. Judging from the traffic on
the openbsd list, this has caused a bunch of upgr
Hello Daniel,
Didn't get any sort of information from pfctl -x misc. Here's the
output from the commands you suggested;
(3 SSH connections to run/log the tcpdump and pfctl outputs, 1 attempted
proxy)
Pre HTTP end host attempt;
# pfctl -vvsi
No ALTQ support in kernel
ALTQ related funct
- tcpdumps showing the initial connect attempt (logs below were
furhter along the process);
external:
02:21:25.595977 IP (tos 0x0, ttl 118, id 10020, offset 0, flags [DF],
proto TCP
(6), length 52)
REMOTE_VIEWING_HOST.53782 > CLIENT_DESTINATION_IP.80: Flags [S],
cksum 0x537b (correct)
Thank you,
Your problem report has been accepted into the Department of Computer
Science automated ticketing system. Please note:
* You can check the status of your tickets at this URL:
https://cgi.cs.rpi.edu/nats/
* Your ticket number is included in the subject of this email. Please
On 28.7.2010 3:28, Xin LI wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 2010/07/27 18:23, Kristian Kræmmer Nielsen wrote:
Hey,
As of time being, we still include pf as of OpenBSD 4.1 (released May
2007).
So I was wondering, how many is actually using pf and is it time to get
tog
