Displaying 9 results from an estimated 9 matches for "pflog0".
2005 Oct 25
1
pf and short packets
...uick on lo0 all
and when i'm trying to rsh to ipcad that is listening on
anna# netstat -a|grep shell
tcp4 0 0 localhost.shell *.* LISTEN
anna# rsh -l root localhost show ip accounting
i got no replay, but pflog says the following:
anna# tcpdump -n -e -ttt -x -i pflog0 host 127.0.0.1
000034 rule 0/3(short): pass out on lo0: IP 127.0.0.1.514 >
127.0.0.1.643: . ack 30 win 65535
0x0000: 4600 002c 6605 4000 0306 11c5 7f00 0001 F..,f.@.........
0x0010: 7f00 0001 0100 0000 0202 0283 8129 5dab .............)].
0x0020: 5db7 f2f2 5010 f...
2013 Jan 06
2
audit events confusion
...ing the userid who tried to do it.
header,79,11,connect(2),0,Sun Jan 6 17:06:04 2013, + 439
msec,argument,1,0x3,fd,subject,tw,tw,tw,tw,tw,54100,54064,13556,64.7.yy.yy,return,failure
: Operation not permitted,4294967295,trailer,79,
But if I make a simple php script to try and connect out, again, pflog0
blocks it and logs it, but it does not show up in the audit logs
17:07:46.518501 rule 433/0(match): block out on em0: 64.7.xx.xx.36528 >
8.8.8.8.25: Flags [S], seq 1724105073, win 65535, options [mss
1460,nop,wscale 3,sackOK,TS val 177324430 ecr 0], length 0
Any idea what I am missing ?
This...
2010 Nov 09
1
Is this a DDoS to reach Asterisk?
...ting
ports opened for a web server which I have totally closed now but when I
chose option 10 (filter log) on pfSense I get all of this type of traffic
(note that it was only 1 single IP and once I blocked that one it was like
opening a can full of bees with all different IPs):
tcpdump: WARNING: pflog0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96
bytes
000000 rule 70/0(match): block in on vr1: 221.132.34.165.33556 >
69.90.78.53.52229: tcp 20 [bad hdr length 0 - to...
2007 Sep 28
0
samba-3.0.24 on openbsd: low throughput
...00:e0:81:72:7d:05 1859059 2 1872743
0 0
em0 1500 10.0.0/24 databank.X 1859059 2 1872743 0 0
em0 1500 fe80::%em0/ fe80::2e0:81ff:fe 1859059 2 1872743
0 0
em1* 1500 <Link> 00:e0:81:72:7d:06 0 0 0
0 0
pflog0* 33192 <Link> 0 0 0
0 0
enc0* 1536 <Link> 0 0 0
0 0
any advice or clues on how to get samba to turn out > 6 MBps, or
preferably > 20 MBps, would be greatly appreciated. do let...
2012 Jul 16
0
ifconfig(8) fails to set MTU on multiple interfaces.
...ption:
When using ifconfig(8) to change MTU of an interface it is not allowed.
# ifconfig lagg0 mtu 1492
ifconfig: ioctl (set mtu): Invalid argument
# ifconfig dc0 mtu 1492
ifconfig: ioctl (set mtu): Invalid argument
# ifconfig dc1 mtu 1492
ifconfig: ioctl (set mtu): Invalid argument
# ifconfig pflog0 mtu 120
ifconfig: ioctl (set mtu): Invalid argument
# ifconfig ath0 mtu 1500
ifconfig: ioctl (set mtu): Invalid argument
>How-To-Repeat:
See description.
>Fix:
No workaround known.
2013 May 22
0
em2: watchdog timeout -- resetting
..., self powered
uhub3: 6 ports with 6 removable, self powered
ugen0.3: <USB> at usbus0
ukbd0: <USB USB Keykoard, class 0/0, rev 1.10/1.10, addr 3> on usbus0
kbd2 at ukbd0
uhid0: <USB USB Keykoard, class 0/0, rev 1.10/1.10, addr 3> on usbus0
Trying to mount root from ufs:/dev/ad4s1a
pflog0: promiscuous mode enabled
em2: link state changed to UP
bridge0: promiscuous mode enabled
pflog0: promiscuous mode disabled
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for...
2008 Feb 13
3
AMD64 vs i386, ifstat and bsnmp
...> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:15:17:50:40:29
inet 192.168.245.11 netmask 0xffffff00 broadcast 192.168.245.255
media: Ethernet autoselect (1000baseTX <full-duplex>)
status: active
pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33160
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet 127.0.0.1 netmask 0xff000000
[ns8]#
snmpwalk -v1 -c xxxx ns8 .1.3.6.1.2.1.25.3.3.1 with ULE gives a bogus value
HOST-RESOURCES-MIB::hrProcessorFrwID.3 =...
2012 Sep 19
1
Strange IPv6 in FreeBSD 9.1RC1
...without issue, which is strange, since I would figure if
there were network issues, then I would see it for both in and out. So box
sends a syn outbound, ack is never returned. I can see on the destination
boxes interface that the return packet is never actually generated.
Running tcpdump -nei pflog0 doesn't show any blocked return packets, so I
think the packets are just not getting generated. I don't really
understand how this could be honestly.
I first thought it was an issue with a Linux box, since its running a
service that both boxes are trying to talk to, but I don't think...
2005 Jul 14
2
[ronvdaal@zarathustra.linux666.com: Possible security issue with FreeBSD 5.4 jailing and BPF]
This message was sent to bugtraq today:
While playing around with FreeBSD 5.4 and jailing I discovered that it was
possible to put an ethernet interface into promiscious mode from within the
jailed environment, allowing a packetsniffer to gather data not meant for
the jailed box. This also affects FreeBSD 5.3 (tested) but not FreeBSD 4.x
This can be reproduced on boxes where BPF support is