It's already been a week now since I started fiddling with my rules, and I just ended up with having 1 client ONLY successfully connect to an external PPTP server. The OpenBSD mailing lists say that it's PPTP's fault, because it's old, but I believe it's a challenge.
We'll see what happens next. Anyway, below are the 2 rules I've come up with that will let PPTP pass through a PF/CARP box (tested on OpenBSD 4.1). Just make sure you pass TCP and GRE traffic.
The given setup is (BLOCK in/out ALL).
#Rule Style 1
pass out quick on $ext_if inet proto gre all label "GRE out WAN"
pass in quick on $ext_if inet proto gre all label "GRE in WAN"
pass out quick on $int_if inet proto gre all label "GRE out LAN"
pass in quick on $int_if inet proto gre all label "GRE in LAN"
pass out quick on $int_if inet proto { tcp, udp } from any to any port 1723
pass in quick on $int_if inet proto { tcp, udp } from any to any port 1723
pass out quick on $ext_if inet proto { tcp, udp } from any to any port 1723
pass in quick on $ext_if inet proto { tcp, udp } from any to any port 1723
#Rule Style 2
pass in quick on $int_if inet proto { tcp, udp } from any to any port 1723
pass in inet proto gre from any to any
pass out inet proto gre from any to any
Frickin is not a good way to pass-pptp. I guess it can be done in the kernel just like Linux's pptp-passthrough.
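A tighter variant of the rules above for the client-only case, as an added example that is not the author's ruleset: it limits the control channel to TCP 1723 and both channels to a single server instead of passing GRE and port 1723 from any to any in both directions. The interface names and the `lan_net` and `pptp_server` values are constructed placeholders, and NAT for the LAN is assumed to be configured elsewhere.

```pf
# Added example, not the author's rules. All macro values are constructed placeholders.
ext_if      = "em0"              # assumption: WAN interface
int_if      = "em1"              # assumption: LAN interface
lan_net     = "192.168.1.0/24"   # assumption: LAN clients
pptp_server = "192.0.2.10"       # assumption: external PPTP server (documentation address)

block all

# PPTP control channel: TCP 1723 only, from LAN clients to the one server.
pass in  quick on $int_if inet proto tcp from $lan_net to $pptp_server port 1723 keep state label "PPTP ctl LAN"
pass out quick on $ext_if inet proto tcp from any to $pptp_server port 1723 keep state label "PPTP ctl WAN"

# PPTP data channel: GRE (IP protocol 47), initiated from the LAN side only.
# Return GRE is matched by the state created when the client sends its first GRE packet,
# so no "pass in ... proto gre" rule is needed on the WAN side.
pass in  quick on $int_if inet proto gre from $lan_net to $pptp_server keep state label "GRE LAN"
pass out quick on $ext_if inet proto gre from any to $pptp_server keep state label "GRE WAN"
```

pf tracks GRE state by addresses only, since GRE carries no port numbers, which is consistent with the one-client-behind-NAT result described above.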
Friday, November 23, 2007
Saturday, November 17, 2007
Monday, November 5, 2007
OpenBSD 4.2
It's already been 4 days since 4.2's initial release. I am currently running my firewalls on 4.1; pf has been good to me and without a doubt pf(4) simply.. rocks..
I'm gonna try out 4.2 on a practice machine I have in the office. It looks like Xenocara will kick ass with OpenBSD. Great documented OS with a modular type X.
Errata for 4.2
http://openbsd.org/errata42.html
http://openbsd.org
:) My OS of choice.
Friday, November 2, 2007
What's in Austria anyways?