Honeypots mailing list archives
Re: Openbsd firewall
From: joe smith <joe () joesmith homeip net>
Date: Mon, 02 Aug 2004 10:33:31 -0500
Thanks for all of the suggestions. I'm still getting a bandwidth error when I try to load the pf.conf. Maybe there is a low limit on bandwidth on OpenBSD 3.5 (I just haven't found the documentation on it yet).
Here is a snippet of my pf.conf:

    altq on $ext_if cbq(red) bandwidth 1.5Mb queue {std hpot}
    queue std bandwidth 1.49Mb cbq(default red)
    queue hpot bandwidth 5.6Kb cbq(red)  # <-------- if I set this below 5.59Kb I'll get the error message below

    pass out on $ext_if from $my_hpot to any keep state (max 5, source-track rule, tcp.established 900, tcp.closing 90) queue hpot

Error message:

    pfctl: queue bandwidth must be larger than 5.59Kb
    cbq: queue hpot is too slow!

j

Alexandre Dulaunoy wrote:
> On Thu, 29 Jul 2004, joe smith wrote:
>
>> I'm currently testing an OpenBSD gateway/firewall for my honeypot setup. I'm limiting the amount of bandwidth for each honeypot. Does anyone know why I cannot set it below 5.6 kilobits?
>
> I think you already got a reply regarding ALTQ, but this is not trivial due to the various types of queueing and the inner workings of ALTQ too.
>
> Another approach that can work for Honeynets is to use the max-src-states, max-src-nodes and max. Check stateful tracking options in pf.conf(5).
>
> Hope this helps,
>
> adulau
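
The state-limit approach suggested in the quoted reply, written out as an added pf.conf example that is not part of either post. The interface name, honeypot address, DNS rule and limit values are assumptions chosen for illustration; the option names are the ones named in the thread and documented in pf.conf(5).

```conf
# Added example, not from the thread. All concrete values are assumed.
ext_if  = "fxp0"          # assumed external interface name
my_hpot = "192.0.2.10"    # constructed honeypot address (TEST-NET-1)

# pf uses the last matching rule, so start from a logged default deny for
# anything the honeypot sends out, then open narrow exceptions below.
block out log on $ext_if from $my_hpot to any

# Outbound TCP from the honeypot, contained by state limits, not by ALTQ:
#   max 5              at most 5 concurrent states created by this rule
#   source-track rule  per-source counters apply to this rule only
#   max-src-nodes 1    only one source address may hold states here
#   max-src-states 5   at most 5 concurrent states for that source
# The timeouts are the ones from the original rule.
pass out log on $ext_if proto tcp from $my_hpot to any flags S/SA \
    keep state (max 5, source-track rule, max-src-nodes 1, \
    max-src-states 5, tcp.established 900, tcp.closing 90)

# Assumed extra rule: a small allowance for DNS lookups so the honeypot
# still looks like a working host.
pass out log on $ext_if proto udp from $my_hpot to any port 53 \
    keep state (max 2)
```

These options bound how many connections the honeypot can hold open at once, not its throughput, so a single allowed connection can still use the full link. Check the ruleset with `pfctl -nf /etc/pf.conf` before loading it.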