Re: PF Performance on FreeBSD 6.2 Release

--- Original Message --- From: "Mark Pagulayan" To: Date: 18 january, 02:57:30 Subject: PF Performance on FreeBSD 6.2 Release > Hi All, > > > > We are planning to upgrade our old Firewall ( PF) boxes which runs on > OpenBSD 4.0 to run OpenBSD 4.2 because of the improvements being done > on the P

PF rules for internal interface

Hello! I have problem with restriction rules for my internal interface. This is my rules for $int_if: pass out quick on $int_if block in on $int_if pass in on $int_if from $mynet to any But in this situation computers from another subnets can ping my internal interface. Were is my mistake? Thank

Re[2]: PF rules for internal interface

--- Original Message --- From: Jeremy Chadwick To: Vitaliy Vladimirovich Date: 26 march, 12:00:30 Subject: Re: PF rules for internal interface > On Wed, Mar 26, 2008 at 10:51:52AM +0200, Vitaliy Vladimirovich wrote: > > Hello! I have problem with restriction rules for my internal

Re[2]: PF rules for internal interface

--- Original Message --- From: Jeremy Chadwick To: Vitaliy Vladimirovich Date: 26 march, 12:00:30 Subject: Re: PF rules for internal interface > On Wed, Mar 26, 2008 at 10:51:52AM +0200, Vitaliy Vladimirovich wrote: > > Hello! I have problem with restriction rules for my internal

dst_addr and subdomains

     Hi!  How can I specify dst_addr in my rule for all subdomains of server. E.g. example1.server.com, example2.server.com and so on. Something like this: pass out on sk0 inet proto tcp from $MY_LAN to *.example.org port www ___

How specify range IP?

Hi,all! I need specify a range IP addresses in may spamd-whitelist table, e.g. 209.85.128.0-209.85.255.255. How can I do this correctly? Thanks in advance! ___ freebsd-pf@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/free

Re[2]: How specify range IP?

--- Original Message --- From: Mike Tancsa <[EMAIL PROTECTED]> To: "Vitaliy Vladimirovich" <[EMAIL PROTECTED]>, freebsd-pf@freebsd.org Date: 23 may, 16:07:12 Subject: Re: How specify range IP? At 07:24 AM 5/23/2008, Vitaliy Vladimirovich wrote: >Hi

(No subject)

Hi, All!        I use pfstat on my FreeBSD box and I have some questions: 1. How can I monitorig not only bandwidth but total upload and download data? 2 Can I have statistic on each IP from LAN?     TIA ___ freebsd-pf@freebsd.org ma

Re[2]: (No subject)

--- Original Message --- From: "Kevin K" <[EMAIL PROTECTED]> To: "'Vitaliy Vladimirovich'" <[EMAIL PROTECTED]>, Date: 3 june, 23:00:32 Subject: RE: (No subject) You can use tools from ports like trafshow, iftop and pftop to display

PF and blocking of some ports

Hi,  I have question about blocking some ports for LAN users.  Below a part of my pf.conf: nat on $ext_if tag LAN_INET_NAT_TCP_UDP tagged LAN_INET_TCP_UDP -> $ext_if:0 pass out quick on $ext_if inet tagged LAN_INET_NAT_TCP_UDP pass out quick on $ext_if inet proto {tcp udp}

Re[2]: PF and blocking of some ports

--- Original Message --- From: Max Laier <[EMAIL PROTECTED]> To: freebsd-pf@freebsd.org Date: 21 july, 13:48:23 Subject: Re: PF and blocking of some ports On Monday 21 July 2008 11:07:15 Vitaliy Vladimirovich wrote: > Hi, > >  I have question about blocking

pf and torrent clients

Hi, All. I have one question about pf. In my LAN some users use torrent clients. This torrent client create states with 86400s timeoutes. But when users shutdown own computers at the end of working day, entries remain before the expiration 86400s. Not 90s as at closing web or ftp sessi

Break connection

Hello, guys. I use PF on my FreeBSD firewall and have one question about PF. When user download some big file, such as .AVI, and if speed of downloading is slow, occurs connection breakage. What parametres of global timeouts should be changed what to solve the problem. Thanks! ___

Re[2]: PF syntax error

--- Original Message --- From: Jeremy Chadwick <[EMAIL PROTECTED]> To: Peter Clark <[EMAIL PROTECTED]> Date: 15 october, 20:27:25 Subject: Re: PF syntax error On Wed, Oct 15, 2008 at 12:00:50PM -0500, Peter Clark wrote: > Hello, > > I am not sure if I should be here or over

ALTQ traffic shaping problem

  Hi, All!  I have installed FreeBSD 7.2 with pf as firewall and NAT with ALTQ for traffic shaping. This is my test system on VMWare.  Below my pf.conf. All works perfectly except, shaping.  I want limit outbound (128Kb) and inbound (800Kb) traffic to and from Internet for two comp

Re: Limit connections doens't work

--- Original Message --- From: Nico De Dobbeleer To: freebsd-pf@freebsd.org Date: 5 december, 16:09:52 Subject: Limit connections doens't work Hello, As most of the public ip's my servers are constantly under bruteforce attack see example: Dec 5 13:56:36 hosting sshd[

Re[2]: rdr + reply-to, some solution ?

   Hi Luiz!      Can you post here your working final ruleset with rdr + replye-to? Only rdr + reply-to section.   Thank you! PERFECT ! This is it ! (tribute to MJ) worked perfectly, had not really thought about using tag, perfect. thank you (valeu !)