
Thread: PF operations on tables




PF operations on tables
2007-05-13 03:45:35
Hi,

I made a PF patch[1] last night that supports a syntax like this:

block|pass .... OPER sometable

OPER may be add-src, del-src, add-dst or del-dst

I made it as a simple way to pass passive ftp to a server but you can do funny
things with it like I did here:

block in quick on bge0 inet proto tcp from any to any port = 35000 add-src firstauth
block in quick on bge0 inet proto tcp from <firstauth> to any port = 33333 add-src secondauth
pass in quick on bge0 inet proto tcp from <secondauth> to any port = ssh
block in quick on bge0 inet proto tcp from any to any port = ssh
block in quick on bge0 inet proto tcp from any to any port = 34000 del-src secondauth
block in quick on bge0 inet proto tcp from any to any port = 34001 del-src firstauth

Any opinions are welcome ! (Please CC me)

[1] - http://kefren.netbsd.ro/pfoper.diff

-- 
Mihai Chelaru

Re: PF operations on tables
2007-05-14 10:20:22
On Sun, May 13, 2007 at 11:45:35AM +0300, Mihai Chelaru wrote:
> 
> block|pass .... OPER sometable
> 
> OPER may be add-src, del-src, add-dst or del-dst


so this allows port knocking?

-- 
 hail eris
 http://rubberduck.com/

Re: PF operations on tables
2007-05-14 10:23:40
On Monday 14 May 2007, Charlie Allom wrote:
> so this allows port knocking?

Yes

-- 
Mihai
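
Added example (not part of the thread and not the patch's code): a small Python model of the six-rule ruleset from the first message, replayed over constructed traffic to show how the firstauth and secondauth tables change. It assumes that "quick" means the first matching rule decides, that the table operation of the matching rule applies to the packet's source address, and that "port = ssh" is 22; the addresses, function names and "no-match" result are made up for the illustration.

```python
# Added illustration, not the patch's code. Assumed semantics: every rule is
# "quick" (first match decides) and the matching rule's table operation is
# applied to the packet's source address. "port = ssh" is modelled as 22.
RULES = [
    # (action, required source table or None for "any", dst port, op, table)
    ("block", None,         35000, "add-src", "firstauth"),
    ("block", "firstauth",  33333, "add-src", "secondauth"),
    ("pass",  "secondauth", 22,    None,      None),
    ("block", None,         22,    None,      None),
    ("block", None,         34000, "del-src", "secondauth"),
    ("block", None,         34001, "del-src", "firstauth"),  # modelled as del-src
]

def evaluate(tables, src, dport):
    """Decide one inbound TCP packet and apply the matching rule's table op."""
    for action, src_table, port, op, table in RULES:
        if port != dport:
            continue
        if src_table is not None and src not in tables[src_table]:
            continue
        if op == "add-src":
            tables[table].add(src)
        elif op == "del-src":
            tables[table].discard(src)
        return action
    return "no-match"  # none of the six rules applies; the rest of pf.conf decides

def replay(packets):
    # Run (src, dport) pairs in order; return per-packet actions and final tables.
    tables = {"firstauth": set(), "secondauth": set()}
    return [evaluate(tables, src, dport) for src, dport in packets], tables

# Constructed sample traffic (documentation addresses, not from the thread).
A, B = "192.0.2.10", "198.51.100.7"
SAMPLE = [
    (A, 22),     # no knock yet: blocked
    (A, 35000),  # first knock: A joins firstauth
    (A, 33333),  # second knock: A joins secondauth
    (A, 22),     # passed
    (B, 33333),  # second knock without the first: rule 2 does not match
    (A, 34000),  # A leaves secondauth only
    (A, 22),     # blocked again
    (A, 33333),  # A is still in firstauth, so it rejoins secondauth
    (A, 22),     # passed again
]

if __name__ == "__main__":
    for (src, dport), action in zip(SAMPLE, replay(SAMPLE)[0]):
        print(f"{src:>13} -> {dport:<5} {action}")
```

In this model port 34000 only clears secondauth: the address stays in firstauth until it also reaches 34001, so a single packet to 33333 restores ssh access.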
