> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-
> [EMAIL PROTECTED] On Behalf Of Vitaliy Vladimirovich
> Sent: Wednesday, March 26, 2008 6:58 AM
> To: Jeremy Chadwick
> Cc: freebsd-pf@freebsd.org
> Subject: Re[2]: PF rules for internal interface
>
> --- Original Mes
S/SA keep state. I'm scrub in all +
scrub out all , and basically it's a standard setup.
I'm wondering if anyone can help me more. I have my PF rules if more
information is needed but hopefully someone has a suggestion without
requiring that.
Try pass out proto udp from any to any port 53
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-
> [EMAIL PROTECTED] On Behalf Of Ansar Mohammed
> Sent: Wednesday, May 07, 2008 1:34 PM
> To: freebsd-pf@freebsd.org
> Subject: UDP weirdness
>
> I have a very simple confi
You cannot track state of stateless protocols such as UDP.
> -Original Message-
> From: Ansar Mohammed [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 07, 2008 4:54 PM
> To: 'Jille'
> Cc: 'Kevin K'; freebsd-pf@freebsd.org
> Subject: RE: UDP we
You can use tools from ports like trafshow, iftop and pftop to display the
statistics that you are looking for.
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-
> [EMAIL PROTECTED] On Behalf Of Vitaliy Vladimirovich
> Sent: Tuesday, June 03, 2008 3:56 PM
> To: freebsd
I'm curious if there has been some benchmarking done to compare the two
methods of enabling PF.
The security debate could be argued to be circumstantial, but I'd like to
hear from people who use it in production via loaded module, as my only
experience with PF is building it into the kernel.
-
I am using FreeBSD 6.2-release w/ PF. Everything seems to be okay, except
the fact that Windows Vista machines cant get through the network. I have
tried many things, including just using a skeleton PF configuration and I'm
still having trouble.
Just curious if anyone has experienced issues with t
>Do you imply that you have other operating system behind your FreeBSD wall,
but have not this sort of issue? Is the >problem Vista specific?
Only FreeBSD machines are behind the firewall. The issue lies with a Vista
machine accessing the network through the firewall. The connection attempt
(re
>
> >Do you imply that you have other operating system behind your FreeBSD
> wall,
> but have not this sort of issue? Is the >problem Vista specific?
>
>
> Only FreeBSD machines are behind the firewall. The issue lies with a
> Vista
> machine accessing the network through the firewall. The conn
Dennis Berger wrote:
> We have a vista client and openbsd 3.9 pf box here. no problems at all.
> What you could try is something like this.
>
> pass in quick on $ext_if fastroute inet proto tcp from $somewhere to
> any
>
I'm going to try that, but I'm looking for a solution where I don't have t
Volker wrote:
>
> Kevin,
>
> helping you with just this snippet of rules is like fishing in the
> dark.
>
> Your rules do the following: A connection coming from a single IP
> address (/32) is passing the firewall on the external IF. As it does
> not create state (no keep state option) the answ
> David Nguyen wrote:
> >I've installed Vista recently and it detected the network drivers and
> "seemed" to be working (default drivers with >Vista). I thought it was
> the network, but it was actually the network drivers that came with
> vista (nForce). I would >retrieve a DHCP, but would not com
The only thing I can think of is if maybe the firewall uses the Microsoft
server as DNS, and you should be able to resolve computer names and write
rules in PF accordingly.
I am planning on implementing a couple FBSD PF boxes in front of some
Windows servers, so it would be interesting if anyone e
13 matches
Mail list logo
