#7 - 25th March 2011
Daffy (Fdisk Soldier; Join Date: Jun 2010; Posts: 73)
Quote:
Originally Posted by J65nko
- Start a web browser and watch the tcpdump window/xterm to see what you are missing.
lol. I think I may have forgotten the "pass out all" rule. That's why I didn't have any connection at all.

Here is my complete pf.conf again. Thank you very much for your help.
Can you find more mistakes? For now, it seems to work fine with browsing, but port 62222 for Transmission seems closed. Why is this happening?

Code:
# macros defined
int_if="ale0"
localnet = $int_if:network
tcp_services = "{ ssh, 62222, www }"
udp_services = "{ ssh, 62222, www }"

# tables
table <bruteforce> persist file "/etc/bruteforce"

# options
set loginterface $int_if

# block rules
block log all
block quick from <bruteforce>

# pass rules
pass inet proto tcp to $localnet port $tcp_services \
	keep state (max-src-conn 100, max-src-conn-rate 20/5, \
		overload <bruteforce> flush global)
pass out all
I couldn't find any info on "set loginterface" though. Even in the book, it doesn't explain why and how we use this option. Can you point me in some direction or explain to me why and how we use this rule?

[edit]: also, before pass out all, do I need to add the rule
Code:
pass inet proto udp to $localnet port $udp_services
or is this unnecessary because of the "pass out all" rule (last rule-->strongest rule)?


p.s. I have never been so excited about an OS again...

Last edited by Daffy; 25th March 2011 at 09:51 AM. Reason: add
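An added example, not from this thread and not pf's own code: a small Python model of how pf picks the winning rule (rules are read top to bottom, the last matching rule wins, a matching `quick` rule stops evaluation, and no match at all means pass), applied to the ruleset posted above both with and without the UDP rule from the [edit]. The local network value, the <bruteforce> entry and the probe packets are constructed; state tracking, NAT and the overload options are not modelled.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional

LOCALNET = ip_network("192.168.1.0/24")   # assumed value of $int_if:network
BRUTEFORCE = {"203.0.113.7"}              # constructed <bruteforce> table entry
TCP_SERVICES = {22, 62222, 80}            # tcp_services = "{ ssh, 62222, www }"
UDP_SERVICES = {22, 62222, 80}            # udp_services = "{ ssh, 62222, www }"

@dataclass
class Rule:
    action: str                          # "pass" or "block"
    direction: Optional[str] = None      # "in", "out", or None for both
    proto: Optional[str] = None          # "tcp", "udp", or None for any
    to_net: Optional[IPv4Network] = None
    ports: Optional[set] = None
    from_table: Optional[set] = None
    quick: bool = False

    def matches(self, p):
        return ((self.direction is None or p["dir"] == self.direction)
                and (self.proto is None or p["proto"] == self.proto)
                and (self.to_net is None or ip_address(p["dst"]) in self.to_net)
                and (self.ports is None or p["dport"] in self.ports)
                and (self.from_table is None or p["src"] in self.from_table))

def evaluate(rules, p):
    """Action pf takes for packet p: the last matching rule wins, except that a
    matching 'quick' rule ends evaluation at once. No match at all means pass."""
    decision = "pass"
    for r in rules:
        if r.matches(p):
            decision = r.action
            if r.quick:
                break
    return decision

RULESET = [
    Rule("block"),                                                  # block log all
    Rule("block", from_table=BRUTEFORCE, quick=True),               # block quick from <bruteforce>
    Rule("pass", proto="tcp", to_net=LOCALNET, ports=TCP_SERVICES), # pass inet proto tcp ... keep state
    Rule("pass", direction="out"),                                  # pass out all
]
# Same ruleset with the UDP rule from the [edit] inserted before "pass out all"
UDP_RULE = Rule("pass", proto="udp", to_net=LOCALNET, ports=UDP_SERVICES)
RULESET_WITH_UDP = RULESET[:3] + [UDP_RULE] + RULESET[3:]

def packet(direction, proto, src, dst, dport):
    return {"dir": direction, "proto": proto, "src": src, "dst": dst, "dport": dport}
```

With `RULESET`, an inbound UDP packet to 62222 on the local network is blocked by `block log all` because `pass out all` only matches outbound traffic, while the same packet passes under `RULESET_WITH_UDP`; inbound TCP to 62222 passes in both, so a closed TCP port is not explained by rule order alone in this model.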