Re: Configuring PF

2005-02-21 Thread J65nko BSD
On Sun, 20 Feb 2005 11:42:41 -0700, Pat Maddox <[EMAIL PROTECTED]>
> I'd still like to find a good example config file that works well for
> a web server.

I posted an easy to adapt config file 3 days ago, haven't you seen it?

Re: Configuring PF

2005-02-20 Thread Pat Maddox
On Sun, 20 Feb 2005 06:23:39 -0800, Loren M. Lang <[EMAIL PROTECTED]> wrote: > On Mon, Feb 14, 2005 at 09:32:25PM -0700, Pat Maddox wrote: > > I want to install a firewall on my system. First of all, is PF the > > one I should be using? It seems to get the most recommendations. > > > > I don't ac

Re: Configuring PF

2005-02-20 Thread Loren M. Lang
On Mon, Feb 14, 2005 at 09:32:25PM -0700, Pat Maddox wrote: > I want to install a firewall on my system. First of all, is PF the > one I should be using? It seems to get the most recommendations. > > I don't actually seem to have any problems configuring it - I just > have some problems testing

Re: Configuring PF

2005-02-18 Thread J65nko BSD
On Fri, 18 Feb 2005 00:28:30 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote:
> Can you guys let me know if this looks like a good conf file? I've
> got web, mail, ftp, ssh, and DNS that I need to have open.
>
> # Macros
> ext_if="fxp0"
> SYN_ONLY="S/FSRA"
> tcp_services = "{ 21, 22, 25, 53, 80, 143

Re: Configuring PF

2005-02-17 Thread Pat Maddox
Can you guys let me know if this looks like a good conf file? I've got web, mail, ftp, ssh, and DNS that I need to have open.

# Macros
ext_if="fxp0"
SYN_ONLY="S/FSRA"
tcp_services = "{ 21, 22, 25, 53, 80, 143 }"
icmp_types = "echoreq"

# Default deny
block all

## Filtering rules
# Default TCP

Re: Configuring PF

2005-02-17 Thread J65nko BSD
On Wed, 16 Feb 2005 19:18:17 -0700, Pat Maddox <[EMAIL PROTECTED]> wrote: > I've managed to come up with something that works so far. I am having > two problems though. > > The first is that I can't authenticate for IMAP anymore. No clue why, > it just keeps rejecting my password. maillog shows

Re: Configuring PF

2005-02-16 Thread Pat Maddox
I've managed to come up with something that works so far. I am having two problems though. The first is that I can't authenticate for IMAP anymore. No clue why, it just keeps rejecting my password. maillog shows imapd: LOGIN FAILED, that's it. Also, after enabling pf, all my UDP ports show as

Re: Configuring PF

2005-02-16 Thread Volker Kindermann
Hi Pat, Is there any place I can find a good default ruleset for a server, and just change what ports I want open? pf originates at openbsd. There you'll find lots of documentation, the pf-faq, and the (as always in the BSD world) excellent manpages. In addition there's the pf-repository at: htt

Re: Configuring PF

2005-02-14 Thread Pat Maddox
Is there any place I can find a good default ruleset for a server, and just change what ports I want open? Also, I've noticed that some rulesets will have different flags and keep state on for certain TCP ports, but not others. For example, at https://www.section6.net/help/pf.php I found: #WebSer

Re: Configuring PF

2005-02-14 Thread chip
> quickly see what's up. When PF is disabled, I can nmap it in about 9
> seconds. When I turn it on, it takes over 3 minutes to do. These
> machines are on the same network, so the connection is obviously fast.

I believe this is because nmap is having to wait on the connections to time out. If