Peter N. M. Hansteen @pitrh
Occasional rants about IT with an OpenBSD slant at http://bsdly.blogspot.com/
Freshly discovered pet hate: Apps that claim to resume file transfers but actually restart them. Bonus for reaching 98.7% before doing just that.
For those who care about email, my 2012 piece "In The Name Of Sane Email: Setting Up OpenBSD's spamd(8) With Secondary MXes In Play - A Full Recipe" http://bsdly.blogspot.no/2012/05/in-name-of-sane-email-setting-up-spamd.html has been slightly modernized. Enjoy! (yes, #OpenBSD #spamd)
The actual presentation for our #OpenBSD #PF tutorial https://www.bsdcan.org/2017/schedule/events/805.en.html at @bsdcan is inching closer to being ready for prime time. (now with working url, thanks @kurtm)
@lattera nice to hear you got it working!
@lattera tcpdump on the pflog device should give you which rules blocked or passed at least.
But I'll be at BSDCan, so if needed we can sit down there and try to dissect.
@lattera I may be missing something (getting late here in CEST land) but try rules that deal specifically with passing and if necessary rdr for ssh.
also route-to is a bit scary because it depends on the endpoint having a sensible answer (route).
Anyway, the way forward is to add log (all) to relevant rules, get friendly with tcupdump :).
BTW does freebsd have log(matches) yet? would be ideal here on selected rules.
RE previous, the good old version is still at http://home.nuug.no/~peter/pf/newest but the new one will be more compact, nicer looking and at least as much fun. And more international, of course.
The actual presentation for our #OpenBSD #PF tutorial https://www.bsdcan.org/2017/schedule/events/805.en.htmlat @bsdcan is inching closer to being ready for prime time.
heh. looks like my old rant on "Why not use port knocking?" http://bsdly.blogspot.com/2012/04/why-not-use-port-knocking.html is getting some attention again, somewhere. Enjoy those Unicode passwords, all!
Just got to love it when one connection yields two new spamtraps, from a sender that tries to pose as the receiving domain: May 13 07:14:14 skapet spamd[39041]: new entry 218.70.178.101 from <busrasule@bsdly.com> to <88@bsdly.com>, helo bsdly.com.
In case you missed it - the "OpenBSD and you - How to have fund with the world's most important free software project" https://home.nuug.no/~peter/openbsd_and_you/ presentation has been updated with #OpenBSD 6.1 and past info.
(This might even be worth ever so briefly turning JavaScript back on in your browser for)
The "OpenBSD and you - how to have fun with the world's most important free software project https://home.nuug.no/~peter/openbsd_and_you/ is now updated with #OpenBSD 6.1 (and newer) info.
Official OpenBSD 6.1 CD - There's only One! http://undeadly.org/cgi?action=article&sid=20170503203426&mode=expanded
OpenSSH Removes SSHv1 Support http://undeadly.org/cgi?action=article&sid=20170501005206
So my latest made it to hackernews https://news.ycombinator.com/item?id=14226003 and my logs look like we might be drumming up some traffic for @bsdcan as well.
The many ways of running firefox on OpenBSD http://undeadly.org/cgi?action=article&sid=20170425173917
Forcing the password gropers through a smaller hole with OpenBSD's PF queues http://bsdly.blogspot.no/2017/04/forcing-password-gropers-through.html
The @bsdcan PF+networking tutorial w/@stucchimax @pitrh could be good fun http://www.bsdcan.org/2017/schedule/events/805.en.html now working on fresh scenarios/excercises right now
Upgrading #OpenBSD, even snapshot-to-snapshot, is so easy it's boring: http://bsdly.blogspot.no/2012/07/keeping-your-openbsd-system-in-trim.html (updated to reflect 6.1 onwards)