On 2007/12/05 13:02, Kleber Rocha wrote:
> My rule is being ignored and the connection is being blocked by the
> default block rule:
> block in log all
>
> But these rules work well in OpenBSD 4.0
See the 4.0 -> 4.1 upgrade guide.
I have the following rule in pf.
pass in quick from 10.1.100.210 to any
Here the result of pfctl -sr
pass in quick inet from 10.1.100.210 to any flags S/SA keep state
But the connection is being blocked by pf, follows log of pflog0:
Dec 02 06:58:58.343862 rule 0/(match) [uid 0, pid 23271] block i
Hello,
Gentlemen, my PF is discarding some connections, for example, I have a
rsync listening on port 7788, the timing starts without problems, but
to begin to list the files and the connection closed, that the PF of
4.2, returned my PF the 4.0, and everything works correctly.
On 11/13/07, Kleber Rocha <[EMAIL PROTECTED]> wrote:
> I had a Openbsd-4.0 as a firewall, updated for OpenBSD-4.2 and my
> rules are no longer working.
> Ex
> In my rules I have something like this:
> pass in quick pass from 10.1.0.0/16 to 10.1.100.0/24 keep state
These rules looks wrong. Regardl
On Tue, 2007-11-13 at 14:17 -0200, Kleber Rocha wrote:
> 10.1.1.78 tries to access the ip 10.1.100.210 on port 8080, the
If xl0 faces 10.1.1.0 (outside) and bge0 faces your local (inside)
10.1.100.0/24, then your "pass in" statement will create a state
associated with inbound traffic.
However, it
Hello,
I had a Openbsd-4.0 as a firewall, updated for OpenBSD-4.2 and my
rules are no longer working.
Ex
In my rules I have something like this:
pass in quick pass from 10.1.0.0/16 to 10.1.100.0/24 keep state
pass in quick pass from 10.1.0.0/16 to 10.1.100.0/24 keep state
And at the end of the fi
Should I post bug report if I'm sure that this is the PF problem?
Could you recommend me other network performance test which can do
_many_ connections at a time.
Thank you.
2007/7/13, Stuart Henderson <[EMAIL PROTECTED]>:
> pass log quick on $int_if proto tcp from $me to 10.10.10.10 port 80
^^^
Is it any better without logging?
>>> And `pfctl -si` have normal values.
It's better to include the output. Also sysctl net.inet.ip.ifq.
# pfctl -si
Status: En
> pass log quick on $int_if proto tcp from $me to 10.10.10.10 port 80
^^^
Is it any better without logging?
>>> And `pfctl -si` have normal values.
It's better to include the output. Also sysctl net.inet.ip.ifq.
2007/7/13, Adriaan <[EMAIL PROTECTED]>:
On 7/13/07, TuxR <[EMAIL PROTECTED]> wrote:
> Hello.
>
> I trying to use OpenBSD under high load and have problems with PF.
>
> When there is very many connections to server in some point other
> connections just failes.
>
> I try to use simple test applic
On 7/13/07, TuxR <[EMAIL PROTECTED]> wrote:
Hello.
I trying to use OpenBSD under high load and have problems with PF.
When there is very many connections to server in some point other
connections just failes.
I try to use simple test application that creates 1000 connections to
server for 100
Hello.
I trying to use OpenBSD under high load and have problems with PF.
When there is very many connections to server in some point other
connections just failes.
I try to use simple test application that creates 1000 connections to
server for 1000 iteration. Maximum number I have observed w
El jue, 30-06-2005 a las 09:38 +0200, rinsan@ escribis:
> > On Wednesday 29 June 2005 21.23, rinsan@ wrote:
> >> Hi!
> >>
> >> After switching from OpenBSD 3.1 (with Intel fxp0) to OpenBSD 3.5 (with
> >
> > OpenBSD 3.5 is EOL (see link below) which means you can't expect support
> > for
> > it.
> >
> On Wednesday 29 June 2005 21.23, [EMAIL PROTECTED] wrote:
>> Hi!
>>
>> After switching from OpenBSD 3.1 (with Intel fxp0) to OpenBSD 3.5 (with
>
> OpenBSD 3.5 is EOL (see link below) which means you can't expect support
> for
> it.
> The latest release is available at ftp://ftp.su.se/pub/OpenBSD/
On Thursday 30 June 2005 02.47, you wrote:
> On Wednesday 29 June 2005 21.23, [EMAIL PROTECTED] wrote:
> > Hi!
> >
> > After switching from OpenBSD 3.1 (with Intel fxp0) to OpenBSD 3.5 (with
>
> OpenBSD 3.5 is EOL (see link below) which means you can't expect support
> for it.
as anounced here...
On Wednesday 29 June 2005 21.23, [EMAIL PROTECTED] wrote:
> Hi!
>
> After switching from OpenBSD 3.1 (with Intel fxp0) to OpenBSD 3.5 (with
OpenBSD 3.5 is EOL (see link below) which means you can't expect support for
it.
The latest release is available at ftp://ftp.su.se/pub/OpenBSD/3.7/i386/
Get
Hi!
After switching from OpenBSD 3.1 (with Intel fxp0) to OpenBSD 3.5 (with
Intel em0) I experienced some problems with pf. I have a user who is
unable to send any data through his VPN-tunnel, the VPN tunnel is a setup
with two Cisco routers in each end. When I activate pf in OpenBSD 3.5 the
tunn
17 matches
Mail list logo
