|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
ipfw and dhcp
Post 302454670 by mrowcp on Sunday 19th of September 2010 05:15:07 PM
09-19-2010
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
i am running nat on my freeBSD and web/ftp server.
The rule allow ip from any to any must always be? or how? if i accept all packets to go on my ep0 which diverts all to my intranet it doesnt help, must the rule allow ip from any to any always be ?
even if many rules are between divert rule and... (3 Replies)
Discussion started by: hachik
3 Replies
2. Cybersecurity
Is there a general rule I can apply when examining/editing ipfw entries?
Also, does each new entry have to have a unique rule number?
And, I think I can write a script to block code red infected machines (though I'm not sure it would do more than slim down my web server error message log),... (0 Replies)
Discussion started by: [MA]Flying_Meat
0 Replies
3. BSD
just as the title says.
thanks.
#General Rule Sets
/sbin/ipfw add 0300 check-state
/sbin/ipfw add 0301 deny tcp from any to any in established
/sbin/ipfw add 0302 pass tcp from any to any out setup keep-state
/sbin/ipfw add 0303 pass udp from any to any out
#SSH FTP
/sbin/ipfw add 0400... (11 Replies)
Discussion started by: dwildgoose
11 Replies
4. UNIX for Dummies Questions & Answers
Hi folks,
I am a Mac User, and have little knowledge on IPFW.
I have a set up at home where my computer (with 2 ethernet cards and static IP adresses) serves Internet to my family's computers.
I have already a script that will run automatically at login and called from Cron at certain... (2 Replies)
Discussion started by: fundidor
2 Replies
5. Cybersecurity
Hello.
I hope you can help me please.
We are about to bring a few servers online which will be hosting different things...
For one server, it will be hosting a HTTPd, and just wanted to know whether these rules are correct that I have?
To ensure the right interfaces etc, here's a copy of... (1 Reply)
Discussion started by: DanUK
1 Replies
6. BSD
Hi!
I've already posted this on the freebsd-questions mailing list, but I thought I could try it here too.
I'm using FreeBSD 7.0 with IPFW DUMMYNET enabled.
I've got a problem with creating a ruleset, which allows me to limit the overall bandwidth of a link and afterwards pass the packets... (0 Replies)
Discussion started by: xenator
0 Replies
7. Cybersecurity
Hello, excuse my English. Please could tell me how I can pass this syntax for iptables to ipfw.
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -m recent
--set --name thor --rdest -j ACCEPT
iptables -A INPUT -p tcp -m tcp --tcp-flag RST RST -m state --state
ESTABLISHED -m recent... (0 Replies)
Discussion started by: dot357
0 Replies
8. Shell Programming and Scripting
Hello,
This is an SSH Block hammer script using ipfw, that I have modified for my own use. It is for a freenas 7.2 box which is FreeBSD based.
The script works, but if there is more then one hammer attack per day, my issue is the script reads the first five instances of refused or invalid... (2 Replies)
Discussion started by: dpreviti
2 Replies
9. IP Networking
Hi All ,
please view the set up below:
-------------------------------------------------------------------
| DHCP Server |-----------| ROUTER & |-----------| Clients |
| 192.168.99.1 | - -<eth1>| DHCP-RELAY|<eth2>-- | 192.168.88.X |
... (2 Replies)
Discussion started by: gdangoor
2 Replies
10. OS X (Apple)
Under Mountain Lion, I want logs from ipfw sent to ipfw.log instead of dumped in system.log I've tried to figure out how OSX handles logs, but... after going back and forth between a syslog.conf which does little if anything, a newsyslog.conf that seems to only handle rotation, an asl.conf that... (3 Replies)
Discussion started by: jnojr
3 Replies
LEARN ABOUT DEBIAN
oidentd_masq.conf
oidentd_masq.conf(5) File Formats Manual oidentd_masq.conf(5) NAME
oidentd_masq.conf - oidentd IP masquerading/NAT configuration file. DESCRIPTION
If you are using IP masquerading or NAT, oidentd can optionally return a username for connections from other machines. Support for this is specified by calling oidentd with the -m (or --masq) flag and by creating an /etc/oidentd_masq.conf file. oidentd can also forward requests for an IP masqueraded connection to the machine from which connection originates by way of the -f option. This will only work if the host to which the connection is forwarded is running oidentd with the -P (proxy) flag, or if the host's ident daemon will return a valid reply regardless of the input supplied by and the address of the host requesting the info (some ident daemons for windows do this, maybe others). FORMAT
<IP Address|Hostname>[/<Mask>] <Ident Response> <System Type> The first field contains the IP address or the hostname of a machine that IP masquerades through the machine on which oidentd runs. The mask parameter can be either a network mask or a mask in CIDR notation. A mask of 24 is equivalent to 255.255.255.0, a mask of 16 is equivalent to 255.255.0.0, etc. The second field specifies the reply that oidentd will return for lookups to the host matching the IP address specified in the first param- eter. The third field specifies the operating system the machine matching the first parameter is running. EXAMPLES
<Host>[/<Mask>] <Ident Response> <System Type> 192.168.1.1 someone UNIX 192.168.1.2 noone WINDOWS 192.168.1.1/32 user1 UNIX 192.168.1.0/24 user3 UNIX 192.168.0.0/16 user4 UNIX somehost user5 UNIX 192.168.1.0/255.255.255.0 user6 UNIX AUTHOR
Ryan McCabe <ryan@numb.org> http://dev.ojnk.net SEE ALSO
oidentd(8) oidentd.conf(5) version 2.0.8 13 Jul 2003 oidentd_masq.conf(5)