similar to: natd and logging

Displaying 20 results from an estimated 40000 matches similar to: "natd and logging"

2003 Oct 30
1
Using racoon-negotiated IPSec with ipfw and natd
[ -netters, please Cc me or security@ with replies. ] I'm running into trouble integrating dynamic racoon-based IPSec into a network with ipfw and natd. I need to be able to allow VPN access from any address from authenticated clients. I've got the dynamic VPN working, with racoon negotiating SAs and installing SPs, but the problem is that I can't tell whether an incoming packet on
2003 Jun 08
1
redirect unauthorized users to a login page (natd as a transparent proxy)
Hello I am trying to redirect all http traffic of unauthorized wifi users on a wireless hotspot to a login page. The problem I have is that I can not disable the regular address translation (I want the source address to stay the same). 10.0.0.7 is the wifi client 195.250.155.29 is the web wifi user tries to access from his browser 195.113.17.94 is my login page 10.0.0.1 is the wifi
2003 Aug 18
0
question about routing, firewall, natd and bridge
Hallo there, I had to change the provider. And after that my public IP adress are routed straight through FreeBSD Box. What is it best way to do it? I personally done it the way, where exist the localnet alias for every interface... eg.. ifconfig_ed0="inet 62.168.40.188 netmask 255.255.255.252 broadcast 62.168.40.191" after that there is local interface 192.168.1.1/255 and it's
2003 Sep 15
5
strange problem with: ed driver / 4.9-PRE
Hi, in the kernel I have these lines: [...] device miibus # MII bus support device rl device ed options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #enable logging to syslogd(8) options IPFIREWALL_VERBOSE_LIMIT=0 #limit verbosity options IPDIVERT #divert sockets options DUMMYNET
2005 Feb 15
0
weird queue keep-state behavior
I'm just one of those weirdos, who wanna make a powerfull queues shaper (not QoS but near) with ipfw2 on their freebsd 4.x-stable. My server is using frequently used configuration with NAT+FW ADSL router with one external ip on external network interface (we're using ADSL modem in bringe mode). I've configured single pipe, configured queues to use that pipe, add queues with different
2005 May 11
3
icmp problem
hi i have a problem with my icmp, i have a router that performs nat. i cannot ping to internet hosts from more than one stations situated behind NAT at once. if i want to ping from another station i have to stop the ping that was initiated from the first host, and after a few seconds i can ping from another station.i've checked firewll and i have no ipfw rules that could stop icmp traffic.
2003 Apr 25
2
firewalling help/audit
Hi ! First of all, I am sorry if this is not the list for that, but I've been learning (a little bit...) a way to implement a freeBSD firewall. So far I came up with a set of rules I would like to show you for commenting. I am sure there're a lot of errors and/or stupid rules (I am not sure the rules order is good for what I need) and I would be really pleased if one could have a look
2003 Jun 11
7
IPFW: combining "divert natd" with "keep-state"
I've been using ipfw for a while to create a router with NAT and packet filtering, but have never combined it with stateful filtering, instead using things like "established" to accept incoming TCP packets which are part of a conversation initiated from the "inside". I'd like to move to using keep-state/check-state to get tighter filtering and also to allow outgoing
2003 Nov 21
0
how to get IPFW rules for SMTP server behind NAT server "right"?
hi all, i've been struggling with setting appropriate rules for an SMTP-server behind by NAT'd firewall. it's not that there is too little info on the web -- or here, for that matter -- there's scads of it for seemingly endless configs/req'ts -- none that seem to be exactly my own. bottom line: i'm a bit confused, and looking for some experienced advice. my goals (for
2003 May 22
0
VPN IPSEC WIRELESS
I am having problems in the implementation of a VPN, below made a project of my net: INTRANET (10.0.0.0/24) | 10.0.0.5 xl0 NetBSD IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 ) wi0 192.168.213.10/30 | | Wireless VPN | | 192.168.213.9/30 xl2 FreeBSD NATD ( divert natd all from any to any ) xl0 200.x.x.5/24 | 200.x.x.1/24
2007 Aug 23
2
Classful queuing solution
Dear all, I am trying to set up multi-user traffic control. In short, I want each user (each IP) to be hard limited to 128kbit download and 64kbit upload. On top of that, I want interactive traffic (ICMP, ACK packets, SSH, etc) to be prioritised to minimise latency. It sounds like it ought to be done with a classful qdisc but I don''t really know what I''m doing. I think I
2003 May 12
1
[Fwd: Re: Down the MPD road]
Made a typo in the cc: line. Coffee time, I guess. -------- Original Message -------- Date: Mon, 12 May 2003 19:52:17 -0400 From: Bob K <melange@yip.org> To: Michael Collette <metrol@metrol.net> CC: freebsd.-security@freebsd.org Subject: Re: Down the MPD road > I did this, and it does correct the immediate problem. Of course, it > also > creates a new glitchy. >
2007 Aug 07
0
Classful queues
Dear all, I am trying to set up multi-user traffic control. In short, I want each user to be hard limited to 128kbit download and 64kbit upload. On top of that, I want interactive traffic (ICMP, ACK packets, SSH, etc) to be prioritised to minimise latency. It sounds like it ought to be done with a classful qdisc but I don''t really know what I''m doing. I think I want
2003 May 11
1
No subject
Hi all! Short question: could anyone point me to documents regarding topics: jails! & nat & (ipfw|ip tables) - I'm in process to build a new system... Planned layout: NET---router/nat-----gateway:freebsd5.x/nat--------inner net | | | | | L- apache/php (lo_alias1) | L------ mail server (lo_alias2)
2003 Jul 16
0
accessing a jail via localhost
I'm facing a problem with accessing a HTTPd (Apache) jail locally. Consider this jail scenario: /etc/hosts: 127.0.0.1 localhost foo.com 172.16.0.1 apache /etc/natd.conf: use_sockets yes same_ports yes unregistered_only yes redirect_port tcp 172.16.0.1:80 80 redirect_port tcp 172.16.0.1:443 443 /etc/firewall.sh ... ${fwcmd} add divert natd all from any to any via ${oif}(IPFW) ... rl0, my
2005 May 16
0
Configure a FreeBSD firewall to pass IPSec?
Greg White,. I have noted your comment on some documentation found on the web, "I have successfully (and repeatedly) used Nortel VPN client on a NATed host through a FreeBSD gateway." Currently i have the same problem with a Nortel BCM Running M$ Windows VPN, the BCM sit's behind a FreeBSD Firewall / NATD. ---- Network ---- ADSL Modem | FreeBSD Server / Gateway / HTTP etc.
2004 Aug 17
0
pp_nat & port_forwarding
Hi guys! I'm doing dialup-firewalling with ppp_nat. I know the solutions to do redircet witch natd in the nat.conf. Is there a possibility to do it with ppp_nat? Greetings Alex Huth
2003 May 12
0
Gateway config
>On Sunday 11 May 2003 03:19 pm, freebsdquestions@schatti.ch wrote: >> Hi all! >> >> Short question: could anyone point me to documents regarding topics: >> jails! & nat & (ipfw|ip tables) - I'm in process to build a new system... >> Planned layout: >> >> NET---router/nat-----gateway:freebsd5.x/nat--------inner net >> >>
2004 Jan 22
1
log messages to a specific file
I am trying to configure syslog.conf to send messages from one of my hosts to a select file for that host. The host is currently sending messages to the syslog server and they are being logged but I would like to have all the messages from this host go to a separate file. FreeBSD 4.9-RELEASE # $FreeBSD: src/etc/syslog.conf,v 1.13.2.4 2003/05/12 13:59:23 yar Exp $ # # Spaces ARE valid field
2004 May 06
1
scheduled pings
Hello, I have just setup some ipfw rules to checkout some traffic to one of my boxes. I have three servers, only one of which has weird traffic. It is getting ping'd on a five minute interval from approx 3 to 8 different ip addresses within the same second. For example: May 3 20:20:03 gaspra kernel: ipfw: 65002 Deny ICMP:8.0 202.160.241.130 xxx.xxx.xxx.xxx in via dc0 May 3 20:20:13