Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-21 Thread J.C. Roberts
On Sat, 21 Mar 2009 21:03:45 +0100 Henning Brauer wrote: > whoever claims v6 would be any good has never written network code > dealing with it. > > hey, compare these two which do the same, one for v4 and one for v6: > > > don't get me started on the 160bit addresses (128 + 32 scope ID) whic

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-21 Thread Bryan Irvine
On Sat, Mar 21, 2009 at 1:03 PM, Henning Brauer wrote: > * Garry Dolley [2009-03-21 20:32]: >> > > If everyone continues to avoid IPv6, then it will remain less than >> > > useful. I understand IPv6 has less than 1% uptake at the moment, but I >> > > don't understand why employing it (in addition

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-21 Thread Henning Brauer
* Garry Dolley [2009-03-21 20:32]: > > > If everyone continues to avoid IPv6, then it will remain less than > > > useful. I understand IPv6 has less than 1% uptake at the moment, but I > > > don't understand why employing it (in addition to IPv4 NATing hacks) is > > > "about the least smart" thing

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-21 Thread Garry Dolley
> > If everyone continues to avoid IPv6, then it will remain less than > > useful. I understand IPv6 has less than 1% uptake at the moment, but I > > don't understand why employing it (in addition to IPv4 NATing hacks) is > > "about the least smart" thing an ISP could do? > > > > Is it a cost issu

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-21 Thread Henning Brauer
* J.C. Roberts [2009-03-21 09:54]: > On Fri, 20 Mar 2009 20:16:32 +0100 Henning Brauer > wrote: > > > * J.C. Roberts [2009-03-10 02:03]: > > > The "smart" answer for an ISP is moving to IPv6 > > > > that is about the least smart thing anybody could do. > If everyone continues to avoid IPv6, th

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-21 Thread J.C. Roberts
On Fri, 20 Mar 2009 20:16:32 +0100 Henning Brauer wrote: > * J.C. Roberts [2009-03-10 02:03]: > > The "smart" answer for an ISP is moving to IPv6 > > that is about the least smart thing anybody could do. Hi Henning, If everyone continues to avoid IPv6, then it will remain less than useful. I

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-20 Thread Bryan Irvine
Is your external IP on DHCP? I doubt it's pf that's changing. -Bryan On Sun, Mar 8, 2009 at 4:01 PM, Hilco Wijbenga wrote: > Hi all, > > I have pf running on my firewall box and I'm experiencing some strange > behaviour. After several hours (this may even be 24 hours) of > functioning normally,

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-20 Thread Henning Brauer
* J.C. Roberts [2009-03-09 10:06]: > On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga > wrote: > > > I have pf running on my firewall box and I'm experiencing some strange > > behaviour. After several hours (this may even be 24 hours) of > > functioning normally, pf seems to reload its default r

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-20 Thread Henning Brauer
* J.C. Roberts [2009-03-10 02:03]: > The "smart" answer for an ISP is moving to IPv6 that is about the least smart thing anybody could do. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Serv

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-12 Thread Hannah Schroeter
Hi! On Mon, Mar 09, 2009 at 07:06:10PM -0700, Hilco Wijbenga wrote:
>[...]
>ext_if = "sk0"
>int_if = "sk1"
>set skip on lo
>set block-policy return
>scrub in
>nat log on $ext_if from $int_if:network to any -> ($ext_if)
>block log
>pass out quick from $int_if to $int_if:network
>pass out quick

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-12 Thread Stuart Henderson
On 2009-03-12, Hilco Wijbenga wrote:
>> That netmask would give you the range 192.168.0.0 - 192.168.255.255 on
>> your external interface, and hence, overlapping your internal network.
>
> The netmask is 192.168.1.255 so I should be okay there.
that's an invalid netmask. do you mean 255.255.255.0

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-11 Thread Hilco Wijbenga
It happened again... 2009/3/9 J.C. Roberts : > As for whether or not the assigned IP address you get from your ISP via > DHCP will become a problem really depends on the netmask and default > route they give you along with the IP. > > If your internal network is 192.168.151.* > And your ISP gives

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread J.C. Roberts
On Mon, 9 Mar 2009 19:06:10 -0700 Hilco Wijbenga wrote: > 2009/3/9 J.C. Roberts : > > On Mon, 9 Mar 2009 09:07:51 -0700 Hilco Wijbenga > > wrote: > > > >> 2009/3/9 J.C. Roberts : > > > > I doubt your ISP only has 254 customers, so they are most likely > > using more than just the stated 192.168.

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread Hilco Wijbenga
2009/3/9 J.C. Roberts : > On Mon, 9 Mar 2009 09:07:51 -0700 Hilco Wijbenga > wrote: > >> 2009/3/9 J.C. Roberts : >> > On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga >> > wrote: >> > >> >> I have pf running on my firewall box and I'm experiencing some >> >> strange behaviour. After several hours

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread J.C. Roberts
On Mon, 9 Mar 2009 09:07:51 -0700 Hilco Wijbenga wrote: > 2009/3/9 J.C. Roberts : > > On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga > > wrote: > > > >> I have pf running on my firewall box and I'm experiencing some > >> strange behaviour. After several hours (this may even be 24 hours) > >> o

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread Theo de Raadt
>Ah, different semantics. :-) By "default rules" I mean whatever pf
>does *without* an /etc/pf.conf. Probably something like "block all".
Without any rules, pf does not block anything. come on.. stop making assumptions.

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread Remco
Dag Richards wrote: >> In short my first guess is your IP is changing every 24 hours or so due >> to your service provider using dynamic addressing (and trying to >> prevent you from having a particular IP for too long). If I'm right, >> then your problem is that pf is holding on to the old rules f

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread Hilco Wijbenga
2009/3/9 J.C. Roberts : > On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga > wrote: > >> I have pf running on my firewall box and I'm experiencing some strange >> behaviour. After several hours (this may even be 24 hours) of >> functioning normally, pf seems to reload its default rules which means

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread Mike Erdely
On Mon, Mar 09, 2009 at 08:10:00AM -0700, Dag Richards wrote: > Interesting, that brings up a question for me... what do we do in > this case? My ISP seems to be content to give the same ip back over and > over again. If they did not is there something I can do besides monitor > my $ext_

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread Dag Richards
On 3/9/09 2:05 AM, J.C. Roberts wrote: On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga wrote: I have pf running on my firewall box and I'm experiencing some strange behaviour. After several hours (this may even be 24 hours) of functioning normally, pf seems to reload its default rules which

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-09 Thread J.C. Roberts
On Sun, 8 Mar 2009 16:01:57 -0700 Hilco Wijbenga wrote: > I have pf running on my firewall box and I'm experiencing some strange > behaviour. After several hours (this may even be 24 hours) of > functioning normally, pf seems to reload its default rules which means > that from that point on all t

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-08 Thread Hilco Wijbenga
2009/3/8 Jason Dixon : > On Sun, Mar 08, 2009 at 04:01:57PM -0700, Hilco Wijbenga wrote: >> Hi all, >> >> I have pf running on my firewall box and I'm experiencing some strange >> behaviour. After several hours (this may even be 24 hours) of >> functioning normally, pf seems to reload its default r

Re: PF Seems To Reload Its Default Rules Unexpectedly

2009-03-08 Thread Jason Dixon
On Sun, Mar 08, 2009 at 04:01:57PM -0700, Hilco Wijbenga wrote: > Hi all, > > I have pf running on my firewall box and I'm experiencing some strange > behaviour. After several hours (this may even be 24 hours) of > functioning normally, pf seems to reload its default rules which means > that from