nixCraft

HawaiiMan08 · #1 (**permalink**) 02-08-2008, 04:47 AM

New to nixCraft forum. We have Open BSD 3.9 firewall in place and it works fine. We have full access with L & P and would like to learn more on the OS side from someone who has experience with firewall setup and operations. All thread posts will be appreciated.

rockdalinux · #2 (**permalink**) 02-08-2008, 05:34 AM

Hi,

Welcome to forum!

Do you have any specific question or problem regarding PF firewall? Do you need information about specific topic?

BTW, OpenBSD 4.3 is stable version.

HawaiiMan08 · #3 (**permalink**) 02-08-2008, 06:32 AM

Specifically we would like to do the following:

1. Monitor incoming traffic and see the logs.
2. Be able to connect additional servers to the Internet via Port 80.
3. To open and close new ports.
4. To update OpenBSD.
5. To see incoming mail and re-direct alerts to admin or a email address.

We need a full evaluation of the current setup and activate other features that I believe are available in OpenBSD for more effective management.

rockdalinux · #4 (**permalink**) 02-08-2008, 01:48 PM

Quote:

Originally Posted by HawaiiMan08

1. Monitor incoming traffic and see the logs.

/var/log/pflog is default binary log file. To monitor traffic in real time type

Code:

tcpdump -n -e -ttt -i pflog0

To view the log file:

Code:

tcpdump -n -e -ttt -r /var/log/pflog

However, you need to log traffic using log keyword, for example, log all udp 53, traffic you may enter something as follows:

Code:

pass in log (all) on em1 inet proto udp port 53 keep state

Quote:

Originally Posted by HawaiiMan08

2. Be able to connect additional servers to the Internet via Port 80.

One port can be used by one server at a time. So port 80 can be used by apache. What do you mean by connect additonal servers via port 80?

Quote:

Originally Posted by HawaiiMan08

3. To open and close new ports.

You need to use following rule to open port, 80 or 22

Code:

pass in on $ext_if proto tcp from any to any port 80 flags S/SA synproxy modulate state
# Open SSH port
pass in on $ext_if proto tcp from any to any port 22 flags S/SA synproxy modulate state

Quote:

Originally Posted by HawaiiMan08

4. To update OpenBSD.

15 - The OpenBSD packages and ports system

Quote:

Originally Posted by HawaiiMan08

5. To see incoming mail and re-direct alerts to admin or a email address.

You can see it via log file located in /var/log directory. Usually, it is /var/log/maillog.

Code:

tail -f  /var/log/maillog

Try following resources for further information:
PF Firewall

PF: The OpenBSD Packet Filter
https://calomel.org/pf_config.html
man pages pf, pf.conf, pfctl
Book- The Book of PF - A No-Nonsense Guide to the OpenBSD Firewall
Book - Absolute OpenBSD
Building Firewalls with OpenBSD and PF

If you have more question, just reply back.

HTH

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
creating firewall	ramsatpm	Networking, Firewalls and Security	1	28-03-2008 09:15 AM
Firewall issues	shilpigoel1	Networking, Firewalls and Security	3	30-10-2007 03:47 AM
squid without firewall	meenal	Networking, Firewalls and Security	1	29-10-2007 03:54 PM
MCP61 firewall	racer	Linux hardware	0	11-10-2007 03:27 AM
suse 9 firewall	click007	Getting started tutorials	5	15-08-2007 11:29 PM

nixCraft

OPEN BSD 3.9 Firewall

OPEN BSD 3.9 Firewall

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Similar Threads