Greetings! Included below is my pf.conf set up to use
dansguardian (proxyport 3128, filterport 8080)
and tinyproxy (listen port 3128) as a transparent
proxy.
What changes do I need to make to keep someone on
int_if/int_net from circumventing dansguardian
by changing their browser to point to 3
On 4/18/07, Reyk Floeter <[EMAIL PROTECTED]> wrote:
> On Tue, Apr 17, 2007 at 05:34:48PM -0700, [EMAIL PROTECTED]
wrote:
> > I run an openbsd firewall. I want to block certain sites either
by IP
> > address or by domain name. How do I get more information on how
to set
> > this up?
> >
> > Thanks
--- Darrin Chandler <[EMAIL PROTECTED]> wrote:
> ...
> Here is a good place, and there's also a pf mailing list as well
> (pf@benzedrine.cx).
> ...
Is this mailing list still active? I subscribed about a month
ago and have yet to receive a single e-mail.
The archives show no messages after Nov
Dear All,
Everything is working now: caching DNS server, pf, dhcp, and
tinyproxy.
For the record, these really were my friends:
1. pfctl -g -s rules | grep '^@'
2. tinyproxy compiled with --enable-debug
3. this list (awe shucks!)
Tinyproxy.conf ended up being the culprit but not without a
[snip]
> My favorite solution is rsnapshot in ports. It beats rsync and scp
> because not only does it allow you to specify what and when to
> backup,
> but it uses hard links. What's that got to do with anything? Well it
> rsyncs everything on the first backup, and only the differences
> there
>
I would ask: does it still work under 3.8? I'm not so sure 3.9
is the culprit.
MS security updates hose this kind of stuff all the time (at least
for me).
Take care,
Allen
--- Tim <[EMAIL PROTECTED]> wrote:
> I may be beat up for asking this question, but I'll endure it if it
> leads to an
--- "Spruell, Darren-Perot" <[EMAIL PROTECTED]> wrote:
[snip]
> Please support your statement that documentation falls under export
> regulations. Documentation and specifications != hardware.
[snip]
WARNING: NEWBIE ALERT, NEWBIE COMMENTS FOLLOW.
I have no dog in this fight but it only took me th
Dear All,
Everything is working now: caching DNS server, pf, dhcp, and
tinyproxy.
For the record, these really were my friends:
1. pfctl -g -s rules | grep '^@'
2. tinyproxy compiled with --enable-debug
3. this list (awe shucks!)
Tinyproxy.conf ended up being the culprit but not without a
--- Stuart Henderson <[EMAIL PROTECTED]> wrote:
> On 2006/06/12 04:20, Allen Theobald wrote:
> > I recompiled/reinstalled tinyproxy with --enable-transparent-proxy
> > and restarted my system.
>
> Double-check you're running the new binary...ports/packages might
&
Good morning,
I am having problems getting tinyproxy 1.6.3 to run transparently
with pf.
I recompiled/reinstalled tinyproxy with --enable-transparent-proxy
and restarted my system.
I figured the key is to start simple and build from there.
So, I set up the most simplistic pf ruleset: pass ev
Hello!
For installing a package how can I tell what the configure
script (./configure) or command line arguments to the build were?
Take care,
Allen
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
Greetings,
I get transparent proxying with squid and pf.
I get dansguardian and pf.
What I don't get is squid, dansguardian, and pf.
pf.conf fragment:
int_if="gem0"
ext_if="kue0"
# redirect to squid
rdr on $int_if inet proto tcp from any to any \
port www -> 127.0.0.1
In case anyone was going to answer this. :^)
Forget this followup.
In my rush to get an answer I didn't actually think about what I
was asking at the end (thanks to Jeff Quast for pointing this out).
Take care,
Allen
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail
Greetings and thank you all for your replies.
Thanks to all your suggestions I finally got it going with a caching
DNS server.
I understand this particular approach and am grateful to have it
working.
Being somehwat of a geek I am not content with merely getting it
working, though! :^)
Now
Greetings everyone!
Apologies in advance if this came through already.
This question has to do with PF and DNS from my internal
network to my ISP.
Here is what I have done:
Set /etc/sysctl.conf
net.inet.ip.forwarding=1
Set /etc/rc.conf
pf=YES
Used the pf.conf file from the FAQ
(http
Greetings everyone!
This question has to do with PF and DNS from my internal network to my ISP.
Here is what I have done:
Set /etc/sysctl.conf
net.inet.ip.forwarding=1
Set /etc/rc.conf
pf=YES
Used the pf.conf file from the FAQ
(http://www.openbsd.org/faq/pf/example1.html). Exce
16 matches
Mail list logo
