OpenBSD Journal

pf mailing list

Contributed by jose on from the more-mail dept.

Daniel Hartmeier writes:
"pf aficionados are cordially invited to join the mailing list that deals with any aspect of packet filtering on OpenBSD. Subscribe, grab a chair, and enjoy the discussion while sipping on a martini (shaken, not stirred, of course :).
echo subscribe | pf-request@benzedrine.cx
Online archives: http://www.benzedrine.cx/pf/ http://marc.theaimsgroup.com/?l=openbsd-pf "
Now is your chance to shape your packet filter! I really should submit some patches I wrote recently ....

(Comments are closed)


Comments
  1. By Anonymous Coward () on

    --- subscribe.sh Sat Oct 12 00:36:59 2002 +++ subscribe_2.sh Sat Oct 12 00:37:17 2002 @@ -1 +1 @@ -echo subscribe | pf-request@benzedrine.cx +echo subscribe | mail pf-request@benzedrine.cx

  2. By Anonymous Coward () on

    --- subscribe.sh Sat Oct 12 00:36:59 2002 +++ subscribe_2.sh Sat Oct 12 00:37:17 2002 @@ -1 +1 @@ -echo subscribe | pf-request@benzedrine.cx +echo subscribe | mail pf-request@benzedrine.cx

  3. By RC () on

    In the eternal struggle to stop network attacks, I was wondering if there are any firewall-type programs to enforce strict rules on traffic.

    In pf, you can drop traffic if it has options you don't like, but what about further filtering? Does anything attempt to verify that a request to an HTTP server is a valid string and not an exploit, or that return traffic is valid, and not a remote shell?

    What I'm talking about is traffic normalization, not IDS-style pattern matching. Are there any projects working torwards such a thing?

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]