> I think it is caused by the packets blocked having the RST flag set -- a
> consequence of specifying "flags S/SA" in rule @39. Check out man
> pf.conf. Look for section about "flags a/b | any" (line 317 here).
The S/SA wasn't set explicitly my me, its the default.
Out of interest, would this
I am a big fan of Decisio (https://www.deciso.com/product-catalog/)
Yes, it comes out of the box with "another BSD" preloaded, but you can easily
take care of that in a few minutes courtesy of a USB console and a USB key with
Mr de Raadt's opus magnum on it. ;-)
‐‐‐ Original Message
Hi,
I'm banging my head against a brick wall here trying to figure out why PF (on
OpenBSD 6.3) is allowing some packets but blocking others ?
Here's the tcpdump:
Sep 05 18:07:45.084191 rule 39/(match) pass in on vlan108: 192.0.2.150.49156 >
198.51.100.158.20001: udp 47
Sep 05 18:07:45.084220 ru
Thanks for your reply.
>
> If you are configuring a route server, you don't want "route-collector yes".
> Or if you want a route collector, it won't advertise any route so your
> concerns
> are null.
Interesting point. My understanding was that a route server did not make any
best-path decis
Hi,
I'm trying to figure out the most suitable config params transform OpenBGPD
into a route server.
So far I have :
route-collector yes
transparent-as yes
But my concern is more in the area of suitable filters to prevent loops.
I'm thinking I need something along the lines of :
allow to any
> Just a thought: sudo -u $some_restricted_user $your_preffered_browser ?
good that you brought this up; i been wondering about this too.
does it help? if so how come there isnt a default non-privileged user
created for, say, firefox when the pkg is installed? like there is for
bitlbee (_bitlbee
t; On Wed, 14 Dec 2005 05:41:30 -0800, Bob Smith <[EMAIL PROTECTED]> wrote:
>
> >vmware recently released a program which kind of
> >chroot jails the browser.
> >http://www.vmware.com/vmtn/vm/browserapp.html
> >
> >im not a programmer myself, but i was wondering
vmware recently released a program which kind of
chroot jails the browser.
http://www.vmware.com/vmtn/vm/browserapp.html
im not a programmer myself, but i was wondering
if perhaps using a similar technique we could lock
down the browsers in openbsd?
seems to me that would increase security greatl
8 matches
Mail list logo
