Displaying 20 results from an estimated 40000 matches similar to: "natd and logging"
2003 Oct 30
1
Using racoon-negotiated IPSec with ipfw and natd
[ -netters, please Cc me or security@ with replies. ]
I'm running into trouble integrating dynamic racoon-based IPSec into a network
with ipfw and natd. I need to be able to allow VPN access from any address
from authenticated clients. I've got the dynamic VPN working, with racoon
negotiating SAs and installing SPs, but the problem is that I can't tell
whether an incoming packet on
2003 Jun 08
1
redirect unauthorized users to a login page (natd as a transparent proxy)
Hello
I am trying to redirect all http traffic of unauthorized wifi users on a
wireless hotspot to a login page. The problem I have is that I can not
disable the regular address translation (I want the source address to stay
the same).
10.0.0.7 is the wifi client
195.250.155.29 is the web wifi user tries to access from his browser
195.113.17.94 is my login page
10.0.0.1 is the wifi
2003 Aug 18
0
question about routing, firewall, natd and bridge
Hallo there,
I had to change the provider. And after that my public IP addresses are
routed straight through FreeBSD Box. What is it
best way to do it?
I personally done it the way, where exist the localnet alias for every
interface... eg..
ifconfig_ed0="inet 62.168.40.188 netmask 255.255.255.252 broadcast
62.168.40.191"
after that there is local interface 192.168.1.1/255
and it's
2003 Sep 15
5
strange problem with: ed driver / 4.9-PRE
Hi,
in the kernel I have these lines:
[...]
device miibus # MII bus support
device rl
device ed
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIREWALL_VERBOSE_LIMIT=0 #limit verbosity
options IPDIVERT #divert sockets
options DUMMYNET
2005 Feb 15
0
weird queue keep-state behavior
I'm just one of those weirdos, who wanna make a powerful queues shaper (not QoS but near) with ipfw2 on their freebsd 4.x-stable.
My server is using frequently used configuration with NAT+FW ADSL router with one external ip on external network interface (we're using ADSL modem in bridge mode).
I've configured single pipe, configured queues to use that pipe, add queues with different
2005 May 11
3
icmp problem
hi i have a problem with my icmp, i have a router that
performs nat. i cannot ping to internet hosts from
more than one stations situated behind NAT at once. if
i want to ping from another station i have to stop the
ping that was initiated from the first host, and after
a few seconds i can ping from another station. i've
checked firewall and i have no ipfw rules that could
stop icmp traffic.
2003 Apr 25
2
firewalling help/audit
Hi !
First of all, I am sorry if this is not the list for that, but I've been
learning (a little bit...) a way to implement a freeBSD firewall.
So far I came up with a set of rules I would like to show you for commenting.
I am sure there're a lot of errors and/or stupid rules (I am not sure the
rules order is good for what I need) and I would be really pleased if one
could have a look
2003 Jun 11
7
IPFW: combining "divert natd" with "keep-state"
I've been using ipfw for a while to create a router with NAT
and packet filtering, but have never combined it with
stateful filtering, instead using things like "established" to
accept incoming TCP packets which are part of a conversation
initiated from the "inside".
I'd like to move to using keep-state/check-state to get tighter
filtering and also to allow outgoing
2003 Nov 21
0
how to get IPFW rules for SMTP server behind NAT server "right"?
hi all,
i've been struggling with setting appropriate rules for an SMTP-server
behind by NAT'd firewall.
it's not that there is too little info on the web -- or here, for that
matter -- there's scads of it for seemingly endless configs/req'ts --
none that seem to be exactly my own.
bottom line: i'm a bit confused, and looking for some experienced
advice.
my goals (for
2003 May 22
0
VPN IPSEC WIRELESS
I am having problems in the implementation of a VPN, below made a project of my net:
INTRANET
(10.0.0.0/24)
|
10.0.0.5
xl0
NetBSD IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 )
wi0
192.168.213.10/30
|
|
Wireless
VPN
|
|
192.168.213.9/30
xl2
FreeBSD NATD ( divert natd all from any to any )
xl0
200.x.x.5/24
|
200.x.x.1/24
2007 Aug 23
2
Classful queuing solution
Dear all,
I am trying to set up multi-user traffic control. In short, I want each
user (each IP) to be hard limited to 128kbit download and 64kbit upload.
On top of that, I want interactive traffic (ICMP, ACK packets, SSH, etc)
to be prioritised to minimise latency. It sounds like it ought to be
done with a classful qdisc but I don't really know what I'm doing. I
think I
2003 May 12
1
[Fwd: Re: Down the MPD road]
Made a typo in the cc: line. Coffee time, I guess.
-------- Original Message --------
Date: Mon, 12 May 2003 19:52:17 -0400
From: Bob K <melange@yip.org>
To: Michael Collette <metrol@metrol.net>
CC: freebsd.-security@freebsd.org
Subject: Re: Down the MPD road
> I did this, and it does correct the immediate problem. Of course, it
> also
> creates a new glitchy.
>
2007 Aug 07
0
Classful queues
Dear all,
I am trying to set up multi-user traffic control. In short, I want each
user to be hard limited to 128kbit download and 64kbit upload. On top of
that, I want interactive traffic (ICMP, ACK packets, SSH, etc) to be
prioritised to minimise latency. It sounds like it ought to be done with
a classful qdisc but I don't really know what I'm doing. I think I want
2003 May 11
1
No subject
Hi all!
Short question: could anyone point me to documents regarding topics:
jails! & nat & (ipfw|ip tables) - I'm in process to build a new system...
Planned layout:
NET---router/nat-----gateway:freebsd5.x/nat--------inner net
| | |
| | L- apache/php (lo_alias1)
| L------ mail server (lo_alias2)
2003 Jul 16
0
accessing a jail via localhost
I'm facing a problem with accessing a HTTPd (Apache) jail locally. Consider
this jail scenario:
/etc/hosts:
127.0.0.1 localhost foo.com
172.16.0.1 apache
/etc/natd.conf:
use_sockets yes
same_ports yes
unregistered_only yes
redirect_port tcp 172.16.0.1:80 80
redirect_port tcp 172.16.0.1:443 443
/etc/firewall.sh
...
${fwcmd} add divert natd all from any to any via ${oif}(IPFW)
...
rl0, my
2005 May 16
0
Configure a FreeBSD firewall to pass IPSec?
Greg White,.
I have noted your comment on some documentation found on the web, "I have
successfully (and repeatedly) used Nortel VPN client on a NATed host through a
FreeBSD gateway."
Currently I have the same problem with a Nortel BCM Running M$ Windows VPN, the
BCM sits behind a FreeBSD Firewall / NATD.
---- Network ----
ADSL Modem
|
FreeBSD Server / Gateway / HTTP etc.
2004 Aug 17
0
pp_nat & port_forwarding
Hi guys!
I'm doing dialup-firewalling with ppp_nat. I know the solutions to do redirect
with natd in the nat.conf. Is there a possibility to do it with ppp_nat?
witch natd in the nat.conf. Is there a possibility to do it with ppp_nat?
Greetings
Alex Huth
2003 May 12
0
Gateway config
>On Sunday 11 May 2003 03:19 pm, freebsdquestions@schatti.ch wrote:
>> Hi all!
>>
>> Short question: could anyone point me to documents regarding topics:
>> jails! & nat & (ipfw|ip tables) - I'm in process to build a new system...
>> Planned layout:
>>
>> NET---router/nat-----gateway:freebsd5.x/nat--------inner net
>>
>>
2004 Jan 22
1
log messages to a specific file
I am trying to configure syslog.conf to send messages from one of my hosts
to a select file for that host. The host is currently sending messages to
the syslog server and they are being logged but I would like to have all
the messages from this host go to a separate file. FreeBSD 4.9-RELEASE
# $FreeBSD: src/etc/syslog.conf,v 1.13.2.4 2003/05/12 13:59:23 yar Exp $
#
# Spaces ARE valid field
2004 May 06
1
scheduled pings
Hello,
I have just setup some ipfw rules to checkout some traffic to one of my
boxes. I have three servers, only one of which has weird traffic. It
is getting ping'd on a five minute interval from approx 3 to 8 different
ip addresses within the same second. For example:
May 3 20:20:03 gaspra kernel: ipfw: 65002 Deny ICMP:8.0 202.160.241.130
xxx.xxx.xxx.xxx in via dc0
May 3 20:20:13