Hello,
I would like to use GeoIP db and update the country db rule, then make
the pf to read the db, and allow certian contries to connect to the
web server.
Is this possible?
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net
On 5/9/07, Miroslav Lachman <[EMAIL PROTECTED]> wrote:
Abdullah Ibn Hamad Al-Marri wrote:
> Hello,
>
> I would like to use GeoIP db and update the country db rule, then make
> the pf to read the db, and allow certian contries to connect to the
> web server.
>
> Is this
On 5/9/07, Volker <[EMAIL PROTECTED]> wrote:
On 12/23/-58 20:59, Abdullah Ibn Hamad Al-Marri wrote:
> Another question, how about the update per month? do I need to kill pf
> and run it again? or a crontab would do the trick and update the IPs?
Abdullah,
unfortunately I'm una
9 seconds)
for 2 minutes (offense 1)
*** Notice -- throttled connections from 86.213.48.25 (3 in 1 seconds)
for 2 minutes (offense 1)
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
___
freebsd-pf@freebsd.org mailing list
http://
flags S/SA keep state \
(max-src-conn 30, max-src-conn-rate 30/3, \
overload flush global)
pass out proto tcp to any keep state
Comments?
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
___
freebsd-pf
On 5/18/07, Kian Mohageri <[EMAIL PROTECTED]> wrote:
On 5/18/07, Abdullah Ibn Hamad Al-Marri <[EMAIL PROTECTED]> wrote:
> Thank you for the tip.
>
> Here what I'm using which fixed the issue.
>
> pass in on $ext_if proto tcp from any to $ext_if port $tcp_serv
On 5/18/07, Drew Tomlinson <[EMAIL PROTECTED]> wrote:
On 5/18/2007 9:54 AM Abdullah Ibn Hamad Al-Marri said the following:
> On 5/18/07, Kian Mohageri <[EMAIL PROTECTED]> wrote:
>
>> On 5/18/07, Abdullah Ibn Hamad Al-Marri <[EMAIL PROTECTED]> wrote:
>> >
On 5/18/07, Kian Mohageri <[EMAIL PROTECTED]> wrote:
On 5/18/07, Abdullah Ibn Hamad Al-Marri <[EMAIL PROTECTED]> wrote:
> On 5/18/07, Kian Mohageri <[EMAIL PROTECTED]> wrote:
> > On 5/18/07, Abdullah Ibn Hamad Al-Marri <[EMAIL PROTECTED]> wrote:
> > > Th
On 5/19/07, Kian Mohageri <[EMAIL PROTECTED]> wrote:
On 5/18/07, Abdullah Ibn Hamad Al-Marri <[EMAIL PROTECTED]> wrote:
> On 5/18/07, Kian Mohageri <[EMAIL PROTECTED]> wrote:
> > On 5/18/07, Abdullah Ibn Hamad Al-Marri <[EMAIL PROTECTED]> wrote:
> > > O
s.html
http://www.bgnett.no/~peter/pf/en/bruteforce.html
http://layer0.layeredtech.com/showthread.php?t=2164
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/m
n on fxp0: 201.51.254.195.2546 >
66.90.108.40.7325: S 4092558202:4092558202(0) win 65535
05 rule 77/0(match): block in on fxp0: 201.51.254.195.2545 >
66.90.108.40.7325: S 1627281497:1627281497(0) win 65535
150 packets captured
10780 packets received by filter
9934 packets dropped by kernel
--
Regards
On 5/26/07, Kian Mohageri <[EMAIL PROTECTED]> wrote:
On 5/25/07, Abdullah Ibn Hamad Al-Marri <[EMAIL PROTECTED]> wrote:
> Hello,
>
> My server is being flooded by a script kiddie against port 7325.
What exactly is your question?
You can decrease the verbosity of PF (re
pos in your rule it's state and not stat\e
pass in quick on rl0 proto tcp from any to any port=21 flags S/SA synproxy state
As for Volker he is a real helpful guy, thank you Volker :)
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ibbon Campaign | Against HTML Mail and News
Max,
Thank you for the hard work to bring latest pf to FreeBSD.
When will it hit RELENG_6 and HEAD? :)
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
___
freebsd-pf@freebsd.or
)
#- Rate Limit ICMP (10 per host)
pass in quick proto icmp from any to any \
keep state \
(max-src-conn 1,max-src-states 11, \
overload flush global)
Comments?
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net
On 6/28/07, LI Xin <[EMAIL PROTECTED]> wrote:
Abdullah Ibn Hamad Al-Marri wrote:
> Hello,
>
> I would like to block ICMP and UDP flooders who exceed a reasonable number.
>
> #- Rate Limit UDP (150 per host)
> pass proto udp to any port $udp_services keep state
> pass
es \
flags S/SA synproxy state \
(max-src-conn 200, max-src-conn-rate 30/3, \
overload flush global)
pass out proto tcp to any flags S/SA
pass out proto { udp, icmp } to any
pass out on $ext_if inet proto udp from any to any \
port 33433 >< 33626
# End
Do y
d some one please take of it?
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail
ons of pf."
>
> I believe pf in 7 is based on OpenBSD 4.1.
>
> --per
I think this should be sent to freebsd-pf@freebsd.org and stable, since
RELENG_7 is branched.
Also the man isn't updated to reflect the changes in 7.0 yet :(
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab
>
> --
> Andrew Biriukov
> [EMAIL PROTECTED]
Is this related to your problem?
http://www.nabble.com/Suggestion-with-patch%2C-change-PF-TOS-matching-to-bitmask-tf4697797.html
--
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.W
Hello Max,
Would these change going to break the ABI, or could you import them to RELENG_7
later? since these changes boosts PF performance now :)
http://www.onlamp.com/lpt/a/7155
---
Regards,
-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net
ource-track rule, max-src-conn-rate 150/10, max-src-states 250,
> overload flush global)
>
> The number of states that I reach is little more then 2,000,000.
> (20,000,000 is the limit that I enforce)
> FreeBSD 7.0-RC1- Thu Jan 24 - amd64 - sched_ule
>
> Please advise.
>
22 matches
Mail list logo
