Hello,
I'm new to the OpenBSD world.. I came from the Linux world :P And I got a
question about logs.
In Linux I used logwatch, I know that I can use it on OpenBSD. But is there
some other option in the OpenBSD world? What about snort? What way do you use to
analyze logs in rout firewall or workstations?
Th
>
> On 5/8/07, Alberich de megres <[EMAIL PROTECTED]> wrote:
> sed logwatch, I know that I can use it on OpenBSD. But is there
> > some other option in the OpenBSD world? What about snort? What way do you use
> to
> > analyze logs in rout firewall or workstations?
>
> Do
Can Pfstat make per source IP (for local LAN, for example) statistics?
I heard nice things about SEC, I will take a look at both.
On 5/8/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> On Tue, May 08, 2007 at 10:45:36AM +0200, Alberich de megres wrote:
> > Hello,
> >
I got my pf set up.
All works fine, except rdr rules. Simply: pf won't redirect anything to
internal servers.
I changed /etc/sysctl.conf:
net.inet.ip.forwarding=1
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.ip.multipath=1
My scenario is:
fw1 -> rl0 - carp / pfsync devs
-> rl1 -
Hi,
I sent a previous mail about this already, but I really can't fix the problem. I
read a book recommended on the OpenBSD site: building firewall with pf and
openbsd, and as far as I can understand rdr rules are very simple.
That's what i do on pf.conf:
pf.conf:
ext_if="rl1"
ext_carp_if="carp1"
int_if="rl2
What do you mean?
On 5/12/07, Stuart Henderson <[EMAIL PROTECTED]> wrote:
>
> On 2007/05/12 11:11, Alberich de megres wrote:
> > rdr on $ext_if inet proto tcp from any to ($ext_carp_if) port 22 ->
> > 192.168.0.200 port 22
> > rdr on $ext_if inet proto tcp f
I'm trying to via passing through $ext_if. My $ext_if (rl0) has no IP
address, they share one with a carp device.
On 5/12/07, Stuart Henderson <[EMAIL PROTECTED]> wrote:
>
> On 2007/05/12 12:15, Alberich de megres wrote:
> > What do you mean?
>
> Where are you trying
5:24PM +0200, Alberich de megres wrote:
> > On 5/12/07, Stuart Henderson <[EMAIL PROTECTED]> wrote:
> > > On 2007/05/12 11:11, Alberich de megres wrote:
> > > > rdr on $ext_if inet proto tcp from any to ($ext_carp_if) port 22 ->
> > > > 192.168.0.2
I checked tcpdump on the internal if, and it's not working. I enabled IP
forwarding in sysctl.conf, yes.
It's so weird. I'm sure it's a very stupid mistake but I can't find it...
On 5/13/07, Johan Linner <[EMAIL PROTECTED]> wrote:
>
> Is IP forwarding enabled?
>
> # sysctl net.inet.ip.forwarding=1
Hi again,
And sorry to insist on this, I'm really lost.
I read in most web docs that with an rdr rule traffic gets redirected to internal
servers, and that this and a pass rule is enough. But I find myself in a
different scenario, with rdr rule and pass rule packets get redirected to
internal server with
No,
There's a firewall with public address, and a server with internal address.
firewall: 1.2.3.4
server: 192.168.1.1
On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
>
> On Mon, May 14, 2007 at 12:41:18PM +0200, Alberich de megres wrote:
> > Hi again,
> >
sis0 inet proto tcp from any to 10.0.0.254 port 80 -> 192.168.1.69 port 80
pass all
On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
>
> On Mon, May 14, 2007 at 06:12:12PM +0200, Alberich de megres wrote:
> > On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wr
Hi,
Yeah man, that worked
Thanks for all and your patience..
Thanks again.
On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
>
> On Mon, May 14, 2007 at 07:25:34PM +0200, Alberich de megres wrote:
> > On 5/14/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
>
Hi Again!
I got my firewall running, after some headaches..
But I got a question: carp0, for example, uses em0 to listen on my shared IP,
and sends advsken on this NIC (em0). The same thing with the internal LAN carp
device. But I don't want carp advske to travel in all the net. I got a third
NICs used by
Hi again,
Following with my playground with pf, I realised that pfsync doesn't send
table updates. I use a table to avoid ssh brute force; on the carp master fw
the table gets updated when I get an ssh attack, but this table isn't updated on
the carp backup fw.
Thanks
Hi again,
I got a trouble with ftp clients behind pf firewall. I can connect to server
but can't list directory contents, that's the chat:
230 User test logged in.
FEAT
211-Features:
MDTM
REST STREAM
SIZE
211 End
PWD
257 "/" is current directory.
TYPE A
200 Type set to A
AIL PROTECTED]> wrote:
>
> "Alberich de megres" <[EMAIL PROTECTED]> writes:
>
> > I got a trouble with ftp clients behind pf firewall. I can connect to
> server
> > but can't list directory contents, that's the chat:
>
> Don't take this
could it be for block all rules? Don't
know what's happening,
Thanks for all
On 5/25/07, Peter N. M. Hansteen <[EMAIL PROTECTED]> wrote:
>
> "Alberich de megres" <[EMAIL PROTECTED]> writes:
>
> > But i got this on my rc.local.conf yet.. Are the
/25/07, Alberich de megres <[EMAIL PROTECTED]> wrote:
>
> Hi again,
>
> I didn't want to mean that there is no info, I was only making reference
> to my ignorance: I don't know if these pass rules were set correctly or
> not.
>
> I got the same bas
Hi,
I know I repeat myself, but that's important for me: my pf isn't syncing
tables i create. Can I solve this?
Thanks
> > 2007/5/8, Alberich de megres <[EMAIL PROTECTED]>:
> > > On 5/8/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> > > > On Tue, May 08, 2007 at 10:45:36AM +0200, Alberich de megres wrote:
> > > > > I'm new on the openbsd worl
Which tool is it? tabled?
How can I make it sync tables through ethernet? I only see in man sockets
files :S
On 5/26/07, Jason Dixon <[EMAIL PROTECTED]> wrote:
>
> On Sat, May 26, 2007 at 09:36:48AM +0200, Alberich de megres wrote:
> > Hi,
> >
> > I know i repeat mysel
Maybe it's a silly question but don't know where to start with tabled :S
I only got it installed. Please.. any help?
On 5/29/07, Alberich de megres <[EMAIL PROTECTED]> wrote:
>
> Which tool is? tabled?
> How can I make it sync tables through ethernet? I only see in man
26, 2007 at 09:36:48AM +0200, Alberich de megres wrote:
> > > I know I repeat myself, but that's important for me: my pf isn't
> syncing
> > > tables i create. Can I solve this?
> >
> > Write a tool that synchronises your tables.
>
> You don't need
Ok,
I was using ports tabled version 1.04 which doesn't have tablec and its man
tabled.conf doesn't tell anything about the listen command.
I downloaded 1.05 and all ok.
Thanks.
On 5/30/07, Joachim Schipper <[EMAIL PROTECTED]> wrote:
>
> On Tue, May 29, 2007 at 10:02:08PM +0200, Al
Hi,
I'm wondering if there is some way to log when an IP is inserted in a table?
thanks.
"-x" argument to pfctl(8); try turning up the debugging level to
> various settings and watch syslog ~BAS
>
> On Mon, 2007-06-18 at 13:46 +0200, Alberich de megres wrote:
> > I'm wondering if there is some way to log when an IP is inserted in a
> > table?
> --
>
Hi,
Can anyone point me to an embedded device like Soekris? But I want one that
performs fine using pf. Better if it has gigabit NICs but if not there's
no problem.
thanks!