I'm not sure if it's relevant for your situation, but do you know
that, according to the iked(8) manpage, iked is 'not finished' and not
recommended for production networks? (See the last section -
'caveats')
It might be better to use isakmpd(8) with
ipsec(4)/ipsecctl(8)/ipsec.conf(5) if your runn
¡Muy Importante!
Si no puede visualizar correctamente este correo, le pedimos que lo arrastre a
su Bandeja de Entrada
Apreciable Ejecutivo:
TIEM de México
Empresa LÃder en Capacitación y Actualización de Capital Humano
Pone nuevamente a su disposición este exitoso curso denominado:
"Comuni
© 2012 Conference Corporativo S.C.
Asista a los 45 Mejores Cursos en México de la Serie: CONTABILIDAD Y
FINANZAS Incluye Temas Críticos Sobre:
Cierre de Gestión, Observaciones y Responsabilidades
Cursos, Contenidos y Metodologías Desarrollados en Alianza con las
Mejores Universidades Europeas con C
> > > pass all flags S/SA
> > > pass in on pppoe0 inet proto tcp from to port = flags
> > > S/SA synproxy state
> > >
Originally you posted pass in quick. Keep the quick in there, not for
any reason other than I have a quick in my rules. Same with the NIC, I
don't have any logical hopes f
On cs, aug 16, 2012 at 15:10:51 +0100, Kevin Chadwick wrote:
> > # pfctl -sr
> > pass all flags S/SA
> > pass in on pppoe0 inet proto tcp from to port = flags S/SA
> > synproxy state
> >
> > This is the only rule. Otherwise it's just 'pass all'. If I remove this
> > rule too *or* change sy
On cs, aug 16, 2012 at 17:18:08 +0200, Christopher Zimmermann wrote:
> On Thu, 16 Aug 2012 14:37:50 +0200
> LEVAI Daniel wrote:
>
> > On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
> > > On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > > > > Any help would be appreciat
On Thu, 16 Aug 2012 14:37:50 +0200
LEVAI Daniel wrote:
> On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
> > On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > > > Any help would be appreciated.
> > >
> > > Works for me on 5.1
> > >
> > > I don't think it's the rule but
Ïðèìè ó÷àñòèå â àêöèè îò iCredit è îòïðàâëÿéñÿ íà ×åðíîå ìîðå!
Àêöèÿ ïðîâîäèòñÿ ïî 31 àâãóñòà âêëþ÷èòåëüíî
Ðàçûãðûâàþòñÿ 3 ïóòåâêè, êàæäàÿ èç êîòîðûõ ðàññ÷èòàíà íà 2-õ ÷åëîâåê, íà
Êðûìñêîå ïîáåðåæüå íà ïåðèîä áàðõàòíîãî ñåçîíà è ïîäàðêè ñóìêè äëÿ
ïóòåøåñòâèé.
Óñëîâèÿ àêöèè:
1. Äëÿ òîãî, ÷òîáû ñ
On Thu, Aug 16, 2012 at 02:47:25PM +0200, Bernd wrote:
> Hi list,
>
> I'd like to blackhole some traffic. For instance, my AS is
> 12.34.56.0/20, so 12.34.58.0 might be announced, but is not
> necessarily connected (internal routing via OSPFd).
>
> On Cisco one uses:
>
> ip route 0.0.0.0 0.0.0.0
On Thu, 16 Aug 2012 14:47:25 +0200
Bernd wrote:
> Is there a way to achieve this on OpenBSD?
Directly from my mind...
To blackhole some google stuff.
route add -blackhole 8.8.0.0/16 127.0.0.1
/Martin
http://www.openbsd.org/cgi-bin/man.cgi?query=route&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
Route has a -blackhole option, so you might try "route add -blackhole
0.0.0.0/0 127.0.0.1"
On Thu, Aug 16, 2012 at 7:47 AM, Bernd wrote:
> Hi list,
>
> I'd like to blackhole some
> # pfctl -sr
> pass all flags S/SA
> pass in on pppoe0 inet proto tcp from to port = flags S/SA
> synproxy state
>
> This is the only rule. Otherwise it's just 'pass all'. If I remove this
> rule too *or* change synproxy to keep, the connection is working.
>
I remember being puzzled by t
On Thu, Aug 16, 2012 at 11:41 AM, MERIGHI Marcus wrote:
> carlopm...@gmail.com (C. L. Martinez), 2012.08.15 (Wed) 20:20 (CEST):
>> On Tue, Aug 14, 2012 at 10:00 AM, C. L. Martinez
>> wrote:
>> > Hi all,
>> >
>> > I have some rules that I would like to redirect in syslog format to a
>> > log fil
Le 15 août 2012 à 16:16, L. V. Lammert a écrit :
> On Wed, 15 Aug 2012, Mikkel Bang wrote:
>
>> But with so many people recommending so many different tools, it gets hard
>> to come to a conclusion. Looks like I'm finally arriving at this though:
>> postfix (postfix-anti-UCE.txt) + dspam - what do
Hi list,
I'd like to blackhole some traffic. For instance, my AS is
12.34.56.0/20, so 12.34.58.0 might be announced, but is not necessarily
connected (internal routing via OSPFd).
On Cisco one uses:
ip route 0.0.0.0 0.0.0.0 Null0
This would throw any traffic headed to a network within my AS
On cs, aug 16, 2012 at 14:26:05 +0200, LEVAI Daniel wrote:
> On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > > Any help would be appreciated.
> >
> > Works for me on 5.1
> >
> > I don't think it's the rule but the combination of rules. Try reordering
> > your ruleset. I've had a
Serwus
W czwartek, 16 sie 2012 o 16:18 CEST
Indunil Jayasooriya napisał(a):
> I myself got it working after changing pf.conf file and relayd.conf files
You've changed redirect to relay in relayd.conf. I suppose this is the
real solution (it changes the way how relayd handle connections to
backe
On cs, aug 16, 2012 at 12:20:56 +0100, Kevin Chadwick wrote:
> > Any help would be appreciated.
>
> Works for me on 5.1
>
> I don't think it's the rule but the combination of rules. Try reordering
> your ruleset. I've had a problem before but I forget or never found the
> specific reason.
Okay,
> Any help would be appreciated.
Works for me on 5.1
I don't think it's the rule but the combination of rules. Try reordering
your ruleset. I've had a problem before but I forget or never found the
specific reason.
--
___
'Wr
Hi ALL,
I myself got it working after changing pf.conf file and relayd.conf files
here are the new working ones
*
in /etc/pf.conf file* *( on both nodes - fw1 and fw2 )*
# cat /etc/pf.conf
# $OpenBSD: pf.conf,v 1.50 2011/04/28 00:19:42 mikeb Exp $
#
# See pf.conf(5) for syntax and examp
On cs, aug 16, 2012 at 12:19:06 +0200, LEVAI Daniel wrote:
[...]
Forgot the dmesg. If it matters.
OpenBSD 5.1-stable (GENERIC) #0: Tue Aug 7 02:00:34 CEST 2012
root@.:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.40GHz ("GenuineIntel" 686-class) 2.42 GHz
cpu0:
FPU
Hi!
I'm using 5.1-stable on two machines with pppoe connections. The pf
synproxy state option doesn't work on pppoe interfaces, it just sends
back a TCP reset when trying to connect to a port configured with
synproxy state.
Meanwhile it works on any other interface (eg. the internal LAN
interfac
carlopm...@gmail.com (C. L. Martinez), 2012.08.15 (Wed) 20:20 (CEST):
> On Tue, Aug 14, 2012 at 10:00 AM, C. L. Martinez
wrote:
> > Hi all,
> >
> > I have some rules that I would like to redirect in syslog format to a
> > log file. I don't need to touch /var/log/pflog. To accomplish this I
> > ha
23 matches
Mail list logo
