Posting this from a phone on mobile network. I tried accessing forums.freebsd.org from my computer connected by wire, from different browsers and by another device connected to wifi from the same network. Forums.freebsd.org is still not reachable.
The purpose of this post is to try and clarify a few basic ideas in packet filtering that I'm having trouble reducing to firm principles in practice.
0. PF lives in the kernel and handles all packets as they pass between NI(C)'s and daemons
1. Packets are identified by the NIC of origin and...
Could somebody with some knowledge and experience have a look at my pf.conf before I start using it, to make sure I'm not doing anything stupid with it?
I am using FreeBSD 12.2 on a laptop connected via wifi to my ISP router and the VPN provided for work.
I am using OpenVPN and...
I was not sure if I should put this to networking or off topic. I am looking for a relative cheap ITX motherboard and computer case which can handle 2x8 PCI-E cards with bifurcation without cutting metal or other kind of tinkering. I'd like to have something small for my home network, but I...
I'm having little problem with my setup of FreeBSD and Softether VPN. I want to be able to make connection with my VPN Server while firewall_type="closed".
I thought I had to add these rules:
add allow udp from any to any 67 setup keep-state
add allow udp from any to any 68...
As my rules get more complicated, i've gone from "from any", to "from ip-address", to "from en0". What I noticed is that when I specify via en0/en1, `pf` makes a rule for every IP address on that interface. Even though other IPs in my setup are covered by other rules. Including IPv6 addresses...
I've read a number of other threads and resources (here and elsewhere) but I can't seem to get the correct combination of things to make my scenario work. Some info seems to be outdated or I'm not sure how to fit it in. Maybe it just isn't possible. Hopefully this isn't completely...
According to the reddit post, the kid made a server, and used ssh to connect to it. He had a version of firefox that ran on the chromebooks/PCs on a flashdrive that routed the requests to the BSD server rather than the schools dns filter.
I have putty connected, the firefox and flashdrive is...
Hi. I have very simple setup. One windows PC and one FreeBSD server with samba share.
I don't need anything regarding windows network management, printing, netbios etc. Only one share.
There is my smb4.conf:
server string = My Samba Server
netbios name = my-samba
workgroup = MYHOME...
(Sorry for being a noob, It's my first time on the forums)
Hi, I am using a custom firewall rules script, It supposed to block all connections other than the ones specified here but well, it doesn't
here is my script:
IPF="ipfw -q add"
ipfw -q -f flush
$IPF 10 allow all from any to...
I have (courtesy of fail2ban + nginx) tables of IPs I would like to stop from accessing the server in any way (ssh, web, etc.).
When they try to ssh, pf blocks them like it should. When they access the webserver directly, they get blocked. But when they access via a proxy, I have no idea what...
I have problem to access some sites but not all, but I have internet connectivity normally.
Example this site below cannot be accessed:
I get the following message in Mozilla;
I'm currently using hblock with Arch Linux on my laptop:
and now I'm wondering what the recommended approach for something like this could be when using FreeBSD.
What comes to mind:
Simply stick to using a hosts file
Use a DNS resolver like unbound with a blocklist
Use a DNS proxy like...
After spend some days searching about my issue,I come here to try the luck.
I 'm runing an webserver using:
Using IPFW as firewall.
Main problem is about Curl, this one with IPFW enabled is getting timeout and does not work.
Hi Guys, i don't find nothing on the net about GeoIP for PF, I searched a lot but nothing, I need to block states or create a white list of states that can access the server so I can make things easier for myself, could anyone help me?
place here at the bottom of my pf configuration that is...
I want to try something but need some advice before I start.
If I open a pppoe connection on a machine which has some jails instantiated,
could these (maybe compromised) jails do something nasty with that tun device?
In my understanding the kernel creates the pppoe device which...
Hello everyone. to the point, I would to ask something about port portforwarding. is portforwarding very slow connection? My friends opened my server actually is really fast (about 20ms). But when I opened it, it is very slow to opened the web from the my ip public. sometime when I opened it is...
I installed fresh installation of FreeBSD 12.0 minimal; I then installed minimal packages, the rest was done via ports. I did freebsd-update fetch in install - it wen along OK.
Afterwords I get errors like: kldload: can't load pf: Operation not permitted and kldload: can't load...
I am using ipfw for firewalling on a FreeBSD 11 box. Unfortunately I cannot wrap my head around the fact that/why the following rule does not match when I initiate a TCP connection to 2a00:1450:4001:814::2003 (that is Google...):
ipfw add 340 set 5 count dst-ip6 2a00:1450:4001:814::2003...