Posts Tagged ‘PF’

Connecting to a Windows PPTP-based VPN through an OpenBSD / PF firewall

Thursday, September 21st, 2006

To connect to a Windows-based PPTP VPN through an OpenBSD firewall, you’ll need to make a couple of changes to allow GRE traffic through.
First, add the following to /etc/sysctl.conf:
net.inet.gre.allow=1
net.inet.gre.wccp=1
net.inet.mobileip.allow=1

Then add the following to the filter section in your /etc/pf.conf:
pass in on $ext_if proto gre all keep state
pass out on $ext_if proto gre all keep state

To make the changes effective without having to reboot, issue the following as root:

sysctl net.inet.gre.allow=1
sysctl net.inet.gre.wccp=1
sysctl net.inet.mobileip.allow=1
pfctl -f /etc/pf.conf
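
A narrower variant of the two GRE rules above, as an added example that is not part of the original post: it limits GRE to a single PPTP server and also passes the PPTP control connection (TCP port 1723). The interface name and the server address are assumptions; 192.0.2.10 is a documentation address.

```conf
# /etc/pf.conf fragment (added example, not from the original post)
# Assumptions: em0 is the external interface and 192.0.2.10 stands in
# for the PPTP server; replace both with your own values.
ext_if     = "em0"
vpn_server = "192.0.2.10"

# Rules from the post: GRE (IP protocol 47) to and from any host.
# pass in  on $ext_if proto gre all keep state
# pass out on $ext_if proto gre all keep state

# Narrowed: PPTP control channel (TCP 1723) and GRE data channel,
# only between the external interface and the one VPN server.
pass out on $ext_if inet proto tcp from any to $vpn_server port 1723 keep state
pass out on $ext_if inet proto gre from any to $vpn_server keep state
pass in  on $ext_if inet proto gre from $vpn_server to any keep state

# Check before and after loading (run as root):
#   pfctl -nf /etc/pf.conf    parse the file without loading it
#   pfctl -sr | grep gre      confirm the loaded GRE rules
#   pfctl -ss | grep gre      GRE states appear once the tunnel is up
```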

Chillispot PF Config & More

Monday, August 28th, 2006

I have just submitted a PR to update my port for FreeBSD.
The update contains an install guide which covers install & config of Chillispot, Apache 1.3.x with mod_ssl, MySQL 4.1.x & freeRADIUS + a sample PF config file as well as an IPFW config file & an RC startup script.
If you can’t wait till it’s merged into the tree you can grab a copy of the port from here

PF Statistics

Sunday, July 3rd, 2005

I’ve gone stat & monitoring crazy in the past few weeks. Using Hatchet, you can generate graphs & charts from the PF log files on the state of PF. Another tool called pfrtg is also available and does a similar job.