DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 9th January 2009
robbak's Avatar
robbak robbak is offline
Real Name: Robert Backhaus
VPN Cryptographer
 
Join Date: May 2008
Location: North Queensland, Australia
Posts: 366
Thanked 40 Times in 39 Posts
Default

Good to hear. When you have it worked out, we (and anyone who finds this thread at the end of a google search) would be interested in the solution you worked out.

(for instance, there may have been a problem with the rdr rules that I specified - I am going to try it and see later - that may prevent ssh sessions from continuing. When the local and remote machines start communication, state rules created by the nat engine would reset the 'to' address, so my rdr rules will not see the packets, because they will no longer have the to address set to ($ext_if). This means that the necessary port redirection may not take place. Or maybe pf will recognise what we are trying to do and make it just so. Perhaps this would be better:
Code:
rdr on $ext_if from any to {($ext_if), 102.168.1.101} port 1022 -> 102.168.1.101 port 22
Not that i know that it would work or not.)
__________________
The only dumb question is a question not asked.
The only dumb answer is an answer not given.
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
K3b cannot find growisofs maxrussell FreeBSD General 5 26th April 2009 12:20 PM
hahaha noob mistake, file called -z... michaelrmgreen FreeBSD General 8 9th December 2008 12:12 AM
pkg inside non-global zone? nacredata Solaris 2 30th September 2008 11:50 PM
pkg_add g95;g95 x.f95: cannot find g95 enpey OpenBSD Packages and Ports 8 27th August 2008 12:48 AM
Zone problem c0mrade General software and network 3 22nd June 2008 03:31 PM


All times are GMT. The time now is 09:51 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick