View Single Post
  #5   (View Single Post)  
Old 30th June 2010
sharris sharris is offline
Package Pilot
 
Join Date: Jun 2010
Posts: 146
Default

Hello ocicat,

Quote:
I hope you recognize that the probability for success attainable with such a methodology is quite low.
I see your point. For me, I learn better by examples. Windows Programming sample code is one size fits all, compile and run it, than make it smaller and faster once you understand how it works. But Networking code is another story. Difference rules for difference things and many things are still experimental/growing. So I can't just expect anything to run unless it's customized for a particular networking environment. That was really silly of me to think any difference but I am so excited about Networking and FreeBSD, I even post every possible file before anyone ask "post your ..."

Quote:
As for sources of information on pf(4), Hansteen's manuscript is one of the better free introductions on the subject:
I am a little slow by nature, but I did tried to read quite a few packet filtering tutors and examples found on the INTERNET but all I understood was bits and pieces and thought I would stumble on the magic bullet but I did not for the first time. This is one excellent tutor and it had the magic bullet I been looking for.

... with here, what you really want to use is probably a rule which says
pass inet proto tcp from ep1:network to any port $ports keep state
to let your local net access the Internet and leave the detective work to the antispoof and scrub code.

I wouldn't thought scrub code had anything to do with this even if I had knew what scrub code does.

Thank you very much for the keys to it all ocicat including your post which is as great to me as Hansteen's manuscript itself... I will not be back until I get most of this my head and some. It may take me days ...

Thanks again ocicat
Reply With Quote