Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: pf.conf in OpenBSD

  1. #11

    Re:pf.conf in OpenBSD

    Oddly enough that seems fine to me. This might help you out http://www.openbsdjournal.org/pf-howto/html/node3.html

  2. #12
    Senior Member
    Join Date
    May 2002
    Posts
    394

    Re:pf.conf in OpenBSD

    [quote author=GnuVince link=board=10;threadid=1834;start=0#37154 date=1023483355]
    2 things:
    1. It's nice to know someone liked me :-[
    2. How does it work now Schotty?
    3. Did I just make a GnuVince's 2?
    [/quote]

    He's BACK! Welcome back! ;D

  3. #13
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:pf.conf in OpenBSD

    [quote author=GnuVince link=board=10;threadid=1834;start=0#37154 date=1023483355]
    2 things:
    1. It's nice to know someone liked me :-[
    2. How does it work now Schotty?
    3. Did I just make a GnuVince's 2?
    [/quote]

    1. Oh yeah! Glad to see ya back !
    2. I havent made any touches since yeaterday, and at that point it was blcoking (from what I can ascertain) all incoming packets on the LAN adapter.
    3. ?? Huh? I could name it that, in your Honor

  4. #14
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:pf.conf in OpenBSD

    [quote author=Ashcrow link=board=10;threadid=1834;start=0#37155 date=1023483518]
    Oddly enough that seems fine to me. This might help you out http://www.openbsdjournal.org/pf-howto/html/node3.html
    [/quote]

    I actually found that one, and a few other good ones like that. I went step by step along the logic pattern. I eventually added in all of the keep state tags into my pf.conf and tried again, with no luck.

    Over the past few hours I came up with a few questions.

    1) When I sned a packet out of my box, thru the gateway to a remote location, AFAIK, the source is the IP of the leased line. On the return route, the gateway fixes the packet so the destination is my box. Well, then shouldnt I be able to filter on the LAN side then? The data coming in should have the source of the remote host, with the destination of whoever's PC, correct?

    2) I found some firewall builder (http://www.fwbuilder.org) , should I get X setup and try that? maybe that will be "easier" to get the logic down? Or more importantly -- will it work?


    For anybody who hasnt talked to me in regards to that actual purposes of this, here is the lowdown on what this is for, and why I am in such a rush to get this up by Monday morning.

    We just got plopped a really crappy new way of doing our orders for new telpehone service, and to lookup information in the CO switch. Well, the old way talked over a dedicated 56K line. Well that way is going to die in 8 days. The new way is over the internet. So now all the yahoos in customer service and data entry (who don't do shit for work in the first place) now have the luxury of internet. I am not gonna let them screw off while labor away at fixing their half ass fuckups. I am now here to limit their dose of fun to just SBC toolbar and mapquest and tw webpages to lookup longdistance. Now, I am already running into heat (not that I really give a rats ass -- hire antother IT guy to help and it may get done sooner, one guy aint enough) for this. And quite honestly, I could care less if they fire my ass ( I hate the shithole), but out of pride -- I am gonna get this up and going no matter what. Once this is done, I can redo my gateway at home at startup a real LAN and pickup a good DSL line and start some real servers MWHA HA HA.

    /end rant

  5. #15

    Re:pf.conf in OpenBSD

    [quote author=Schotty link=board=10;threadid=1834;start=0#37166 date=1023487591]

    1) When I sned a packet out of my box, thru the gateway to a remote location, AFAIK, the source is the IP of the leased line. On the return route, the gateway fixes the packet so the destination is my box. Well, then shouldnt I be able to filter on the LAN side then? The data coming in should have the source of the remote host, with the destination of whoever's PC, correct?

    [/quote]

    That seems correct. The gateway send sthe incoming data with the net hosts IP and changes it's IP to the IP of the box who requested it.

    [quote author=Schotty link=board=10;threadid=1834;start=0#37166 date=1023487591]
    2) I found some firewall builder (http://www.fwbuilder.org) , should I get X setup and try that? maybe that will be "easier" to get the logic down? Or more importantly -- will it work?
    [/quote]

    fwbuilder isn't half bad. I used it once with iptables and it was pretty nice. Give it a shot.


  6. #16
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:pf.conf in OpenBSD

    Okay, heres my next question then.

    I never installed X when I setup my gateway. So I got the source from XFree86.org and compiled and installed it there. But for some reason my mouse is erratic in it. From what I gather, /dev/wsmouse is my mouse and ps2 is my protocol. But that isnt working, what are you using so I can try and get it working.

  7. #17

    Re:pf.conf in OpenBSD

    I am using /dev/wsmouse and Protocol "PS/2"and it works fine. The building from source should work (as it seems to have done) as long as you have it allowed for in /etc.

  8. #18
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:pf.conf in OpenBSD

    Well, I will recheck the config over then. But what are you talking about allowing for X in /etc ? I have the defualt runlevel to be the terminal login, not X. Id rather only have X running when someone is PHYSICALLY in front of the system, not for remote X.

    Ahh, well anyhow, I am on my way in today. Ill see how it goes before I go to my guitar lesson. Then its Sunday to figure this stuff out

  9. #19
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760

    Re:pf.conf in OpenBSD

    Well, I gave up on the setting X up idea

    I needed a break so I figured I stop on by LJR. I hopefully will figure out a few line errors that are NOW popping up grrrr..... But what the hell, its a beautiful day out and theres nothing I'd rather do than hack ;D Oh well, good training nonetheless.

    I must thank you guys on getting me on the OpenBSD bandwagon. Its a real challenge, and I hope it will be worth the effort. I got a feeling that RedHat could do it fine, but whats the fun in having some GUI do it for me? Thats not how a true UNIX geek handles shit!

    Well, I need lunch, I can tell I am getting incoherent from malnutrition. 5 Meals a day, keeps the doctor at bay.

  10. #20

    Re:pf.conf in OpenBSD

    [quote author=Schotty link=board=10;threadid=1834;start=0#37261 date=1023559903]
    I must thank you guys on getting me on the OpenBSD bandwagon. Its a real challenge, and I hope it will be worth the effort. I got a feeling that RedHat could do it fine, but whats the fun in having some GUI do it for me? Thats not how a true UNIX geek handles shit!
    [/quote]

    We are happy to have you on our side! ;D

Similar Threads

  1. Nettune.conf
    By vishal wadhwa in forum Linux - Hardware, Networking & Security
    Replies: 5
    Last Post: 12-17-2006, 11:31 PM
  2. smb.conf example
    By trickster in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 06-21-2004, 11:48 PM
  3. DNS /etc/host.conf
    By Rastar in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 09-20-2002, 11:48 PM
  4. vga=792 in /etc/lilo.conf
    By wing328 in forum Linux - General Topics
    Replies: 1
    Last Post: 06-03-2002, 03:11 PM
  5. My pf.conf file
    By in forum Linux - Software, Applications & Programming
    Replies: 9
    Last Post: 03-28-2002, 05:46 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •