So I just learned that there's two methods to doing NAT in FreeBSD. The apparently old natd + divert way, which is documented in the handbook, and the new in-kernel ipfw+nat way, that is randomly documented by Google. Is anyone ever going to update the handbook to over ipfw+NAT? The man page...
Can you help? I know There was a similar topic, but I did not understand the answer.
I have rules for my BSD System for defend apache.
I have error:
/usr/local/etc/pf.conf:31: Rules must be in order: options, normalization, queueing, translation, filtering
I do not understand...
With all the fuzz and issues with security and privacy these days I decided to give it a go with a VPN, mostly for the fun and challenge.
I am partially done with a scenario that sounds very typical these days, although it is not necessary plain vanilla.
The overall idea is...
On lte 4g i recognised some crashing behaviours which didn't occur on cable. This happens with wine and other sensitive programs.
autodisconnect decimal -1
change mtu on your network-card-settings down to your...
I don't know if it's Ryzen which is causing this and if it's the Ryzen-bug or if it is something else.
Commands like this are causing kernel-panics:
ipfw table test create type number algo number:array
ipfw table test add 1001
ipfw table test add 1002
ipfw table test add 1003
ipfw table test...
I want to mount a firewall. I have the idea of that my traffic could be "sniffered" by somebody. So I will ask for how to mount a firewall, here, on my desktop installation but also on another equipment.
Besides, I want to know what else can I do for making the most miserable the attack of a...
I am a regular linux user of about 10 years. I am now looking to learn freeBSD. icsdhcp,gateways,ipsec and pf, ect. I am using vmware to create my network and finding that i read a doc on dhcp.conf and realize 1h later its for a version 2 years old and openBSD.
I would like...
EDIT: the problem is solved
i had used Debian at the last several years and i'm very new to FreeBSD.
I tryed to port my configuration for fail2ban from my Debian machines to FreeBSD (with the modification due the firewall has changed).
In my testing phase i have found out that the...
I am using 11.1 on my two laptops. One has a wireless card which currently not supported, other's wireless card is out of order. I have 8.1 on my one laptop, and desktop none of which have wireless connectivity. I dont have a technical use of FreeBSD on these four machines. I use them as...
Almost every single ipfw ruleset I create has this as the very first rule:
allow tcp from any to any established
... and I just noticed that ipfw allows me to specify a port on this rule:
allow tcp from any to any 22 established
If I create a new connection to port 22, I need a rule to allow...
Quick question. What could be the issue why I cannot ping my jail from local machine or local machine from jail? I thought it is pf.conf rdr somewhere wrong but now I am thinking about routing table not right. I can access anything from outside to jail. I have teamspeak3 server and if I...
each time I reload my pf.conf using the command:
pfctl -F all -f /etc/pf.conf
my ssh session dies. It does not just hang for a few seconds. It simply dies and I have to launch a new one. This happens even though both the old and the new configurations allow incoming connexion to the ssh...
I'm in progress of migrating my centos openvpn dualstack server to freebsd.
I got a problem with ipv6 connection and im not shure what is the problem.
IPv4 is working fine through the tunnel. IPv6 icmp is possible, but nameservers are not reachable on :53 or anything else except via...
OK, after reading the handbook several times, my brain is just not getting what is wrong with my pf.conf:
set block-policy return
block in all
pass out all keep state
pass in on wlan0 inet6 proto tcp from port 50000 keep state
pass in on wlan0 inet proto tcp from port 50000 keep state
From 2006 to now I've been running FreeBSD 6.1 on a Dell Optiplex GX1. It has a 500MHz CPU with 128MB of RAM and an Intel 82546 chipset dual port gigabit ethernet PCI card. It's been running great but I decided it's time to upgrade FreeBSD. I proceeded to install FreeBSD 11.0-RELEASE...
Hi there :)
Someone has demonstrated for a while running OpenStack hosted on FreeBSD 11. Described right here
For me that sounds awesome. I would like to have a similar setup now with FreeBSD 11 XEN and hosting OpenStack on Dom0. The minimum goal is to run FreeBSD as an Nova Compute
I have FreeBSD 11 on a server where I've installed OpenVPN and I need to setup VPN properly to be able to put internet traffic through it.
I can't connect to the internet anymore from my local computer after I've established a connection with my server via VPN. I guess the issue is port...
I've been using the PF module for NATing/firewalling purposes (8 cores, 16 GB RAM hardware), it seems to be doing good under normal traffic. But during TCP SYN floods it suffers a lot. I want the SYNPROXY feature to get enabled dynamically as the traffic increases for that particular rule (based...
root@LR-Remote:~/firewall.d # uname -a
FreeBSD LR-Remote 10.3-STABLE FreeBSD 10.3-STABLE #0 r300092: Wed May 18 01:03:38 UTC 2016 firstname.lastname@example.org:/usr/obj/usr/src/sys/GENERIC amd64
This machine is IP 1922.214.171.124, and all iNet traffic on port 22 is forwarded to it from the...
Can anyone tell me if PF can be by-passed by an outsider(intruder)? I have an IP address that has already been in my ip.blocked table for two days and still its scans reach the web platform of the site where it is blocked by a firewall add-on/plugin at application level.
Any help is welcome.