DaemonForums  

PF filtering on VIMAGE/VNET device

Posted by irukandji (Port Guard; Join Date: Jul 2013; Posts: 16), 1 Week Ago

I have a strange issue which I really can't nail down - I have been trying to do it for months - to set up a honeypot within a jail.

I can't filter the traffic coming from the jail to the host running the jails. Outgoing traffic to any other physical host on the internal networks works nicely, but once I try to prevent traffic from the jail to the host it fails miserably.

The funny thing is that running tcpdump -i vnet0:3 shows the traffic, but pf doesn't block it.

block quick on vnet0:3 proto tcp from $jail_ip to any

There is one way I can do it, to actually block traffic on the physical interface as an 'in' rule, but this seems clumsy.

The rule blocks fine if I try to access the internet/internal network but fails if I try to access the host.

An additional problem I have is writing rules: the device is composed of vnet0:<jail id> and the id is changing. How do I fix this except by scripting it?

Thank you for your help (or even reading this).