On Fri, Oct 20, 2017 at 04:21:34PM -0400, J Doe wrote:
> I have a question regarding a log entry from sshd in the auth.log of an
> Ubuntu 16.04 LTS server that I run. Upon disconnect, it displays:
>
> Oct 20 16:08:23 server sshd[1234]: Received disconnect from 1.2.3.4 port
> 1:11: disconnec
Hello,
I have a question regarding a log entry from sshd in the auth.log of an Ubuntu
16.04 LTS server that I run. Upon disconnect, it displays:
Oct 20 16:08:23 server sshd[1234]: Received disconnect from 1.2.3.4 port
1:11: disconnected by user
What does the number after the port number r
Shame on me ;-)
Now I saw:
"if neither are specified, the rule will match packets in both directions."
Original message
From: Markus Rosjat
Sent: Friday, 20 October 2017 15:32
To: misc@openbsd.org
Subject: Re: a pf question maybe asked a 1000 times
Hi,
as far as I understood the whole
Hi,
as far as I understood the whole thing
On 20.10.2017 at 15:09, Michael Hekeler wrote:
pass on hvn0 inet proto icmp all icmp-type echoreq
just to be curious: what is the effect of "on" in your rules "pass on ..."
As to pf.conf(5) there are only "in" or "out"
this should allow traffic i
On Fri, Oct 20, 2017 at 9:09 AM, Michael Hekeler
wrote:
>
> Glad to hear that you have solved the problem
>
>
> > as you may notice I added the ping and the dns to the ruleset since
> > this was blocked in the original set of rules.
>
> You can allow outgoing dns with one single rule:
>
> pass
Glad to hear that you have solved the problem
> as you may notice I added the ping and the dns to the ruleset since
> this was blocked in the original set of rules.
You can allow outgoing dns with one single rule:
pass out on $ext_if inet proto { tcp, udp } from $ext_if \
to any port dom
Predrag Punosevac wrote:
> On Tue, Jun 27, 2017 at 2:19 PM, Jan Stary wrote:
> > This is current/amd64 (dmesg below).
> > After installing smartmontools and running
> > /usr/local/sbin/smartctl -t short /dev/sd0c
> > in rc.local I get a log of
> >
> > atascsi_passthru_done, timeout
> >
> > in /
Hi Michael,
as far as pfctl -sr goes a block return expands to block return all
but since I got it working now here is the ruleset that does what it's
supposed to do :)
ext_if="hvn0"
set skip on lo
block return # block stateless traffic
block inet6
pass on $ext_if inet proto {tcp udp} to p
On 20-10-2017 at 12:29, Niels Kobschaetzki wrote:
>
> On 17/10/20 08:09, x9p wrote:
>>> Depending on the country the ISP will see then the police coming to
>>> their
>>> datacenter and start to pull servers. And then they can close shop
>>> because
>>> a single customer was an asshole and did ille
On Fri, Oct 20, 2017 at 12:59:51PM +0200, Markus Rosjat wrote:
> ...
> block return # block stateless traffic
Hi Markus, here's another hint:
no matter if you want to drop silently or send a return for the dropped
packet, you have to tell **on which packet the block action should react**
Hi again,
okay big time PEBKAC ... if you do the -d you should at some point
do the -e ... haha
anyway always fun to brainstorm with you guys this list rocks !!!
On 20.10.2017 at 14:11, Markus Rosjat wrote:
Hi,
yeah well the rules are loaded, I could flush before do pfctl -f to make
i
Sweet. Are you porting that to OpenBSD?
On Thu, Oct 19, 2017 at 11:39 PM, SOUL_OF_ROOT 55
wrote:
> My inspiration for posting here is the following topic:
>
> https://forums.freebsd.org/threads/62876/
>
> On Thursday, 19 October 2017, SOUL_OF_ROOT 55 <
> soulofroo...@gmail.com> wrote
Hi,
yeah well the rules are loaded, I could flush before do pfctl -f to make
it all clean.
I tried ssh m...@domain.tld from the machine with the ruleset. this works
with the given rules but it shouldn't in my opinion.
and yes there is no dns traffic allowed in the rules. Maybe it's really
the
On Fri, Oct 20, 2017 at 12:59:51PM +0200, Markus Rosjat wrote:
> ...
> what I notice is I can initiate a ssh connection from this machine.
Just a question:
how do you initiate the ssh connection?
ssh host.example.com
Then you realise that there is also dns out (53/tcp,udp)
On 17/10/20 12:59, Markus Rosjat wrote:
Hi there,
I was wondering, after reading Mr Hansteen's excellent book about pf and
the man pages, if I got it all wrong :)
so here is my example pf.conf
ext_if="hvn0"
set skip on lo
block return # block stateless traffic
block inet6
pass in on $ext
On Fri, Oct 20, 2017 at 12:59:51PM +0200, Markus Rosjat wrote:
> ...
> what I notice is I can initiate a ssh connection from this machine.
> So there are three possible answers to this:
> - 1st with allowing ssh traffic in the first place ssh port will be
>considered passable from both sites o
Hi,
On 20.10.2017 at 13:11, Bryan Harris wrote:
I don't know the answer but I'm curious. What does "pfctl -sr" command
show? Can you do dns lookups?
PS - my rules have the "pass out all" rule at the bottom.
V/r,
Bryan
sure I can give the output:
$ doas pfctl -sr
doas (m...@my.own) passw
On 2017-10-20 12:59, Markus Rosjat wrote:
Hi there,
I was wondering, after reading Mr Hansteen's excellent book about pf and
the man pages, if I got it all wrong :)
so here is my example pf.conf
ext_if="hvn0"
set skip on lo
block return # block stateless traffic
block inet6
pass in on $e
I don't know the answer but I'm curious. What does "pfctl -sr" command
show? Can you do dns lookups?
PS - my rules have the "pass out all" rule at the bottom.
V/r,
Bryan
On Fri, Oct 20, 2017 at 6:59 AM, Markus Rosjat wrote:
> Hi there,
>
> I was wondering, after reading Mr Hansteen's excellent
Hi there,
I was wondering, after reading Mr Hansteen's excellent book about pf and
the man pages, if I got it all wrong :)
so here is my example pf.conf
ext_if="hvn0"
set skip on lo
block return # block stateless traffic
block inet6
pass in on $ext_if inet proto tcp from any to ($ext_if)
On Thu, 19 Oct 2017 16:27:26 -0200 x9p wrote:
> .. .but of course need to act upon receiving a court order.
Which was raised by solicitors ("lawyers" is USA speak) in the hosting
country, in a court room, in the hosting country, and legally authorised
by the government of the hosting country, for
> Depending on the country the ISP ..
Guys, this is not an OpenBSD thread, so misc@OpenBSD.org is not an appropriate
forum for it. Please do not continue with this thread here.
On 17/10/20 08:09, x9p wrote:
Depending on the country the ISP will see then the police coming to their
datacenter and start to pull servers. And then they can close shop because
a single customer was an asshole and did illegal stuff on their ip-range
and hardware. That is self-protection.
ag
> > professional software exists. So no one hacks his own scripts.
of course also a script can be professional ;-)
My meaning was that several software exists that is already accepted by
court and so the lawyer can be sure that these logs can be used in a
lawsuit. What I wanted to say is that no
> Depending on the country the ISP will see then the police coming to their
> datacenter and start to pull servers. And then they can close shop because
> a single customer was an asshole and did illegal stuff on their ip-range
> and hardware. That is self-protection.
>
agree on that. a single cus
The idea is quite nice, and no one has ever implemented it, to my
knowledge. Specifically to OpenBSD, I believe it could be achieved with an
expect+bioctl script talking to the serial console, emailing the
passphrase (or setting one chosen by the client).
Such hosting would be really privacy+encr
I'm posting this because it has as much to do with OBSD as all this
bullshit;
https://www.youtube.com/watch?v=py3u3P9OpBE
On Fri, Oct 20, 2017, at 05:52 AM, x9p wrote:
>
> > hehe - you don't know the situation in germany ;-)
> > I have seen many of these letters for "one time users" (even those
> hehe - you don't know the situation in germany ;-)
> I have seen many of these letters for "one time users" (even those with
> only a few seconds connection)
>
I do actually. By the time I lived there, a friend got something like EUR
800 bill for downloading a movie over torrent. That's why I do
> You use OpenBSD, so why are you worried about DMCA? That is, you must care
> about security so you're already using aggressive blocklists, encrypted
> peers only, etc etc. A well configured torrent client leaks very little
> info.
>
aggressive blocklists is a nice idea, will take a look.
good t
Thanks for the clarification. Am googling 'Stichting Brein' and learning a
lot, bit scary though.
>
> I would not take the chance, and I live in The Netherlands. I don't need
> to. But if I would build a setup,
> it would be with a VPS in Switzerland. Never, ever in The Netherlands.
>
will look i
I want to see a certain individual who can actually string a coherent
sentence of proper English rather than typing like a texting stoner
because they are too lazy to understand how a keyboard works. It would
be even better if that individual actually understood what they post.
On Fri, 20 Oct 2017
Depending on the country the ISP will see then the police coming to their
datacenter and start to pull servers. And then they can close shop because a
single customer was an asshole and did illegal stuff on their ip-range and
hardware. That is self-protection.
Niels
> On 20. Oct 2017, at 08:2