Honeypots
mailing list archives
Re: Openbsd firewall
From: joe smith <joe () joesmith homeip net>
Date: Mon, 02 Aug 2004 10:33:31 -0500
Thanks for all of the suggestions,
I'm still getting a bandwidth error when I try to load the pf.conf. Maybe
there is a low limit on bandwidth on OpenBSD 3.5 (I just haven't found
the documentation on it yet).
Here is a snippet of my pf.conf:
altq on $ext_if cbq(red) bandwidth 1.5Mb queue {std hpot}
queue std bandwidth 1.49Mb cbq(default red)
queue hpot bandwidth 5.6Kb cbq(red) <-------- if I set this below 5.59Kb I'll get error message below
pass out on $ext_if from $my_hpot to any keep state (max 5, source-track rule, tcp.established 900, tcp.closing 90) queue hpot
error message
pfctl: queue bandwidth must be larger than 5.59Kb
cbq: queue hpot is too slow!
j
Alexandre Dulaunoy wrote:
On Thu, 29 Jul 2004, joe smith wrote:
I'm currently testing an OpenBSD gateway/firewall for my honeypot setup.
I'm limiting the amount of bandwidth for each honeypot. Does anyone
know why I cannot set it below 5.6 kilobits?
I think you already got a reply regarding ALTQ, but this is not trivial
due to the various types of queueing and the inner workings of ALTQ
too.
Another approach that can work for Honeynets is to use the
max-src-states, max-src-nodes and max. Check stateful tracking options
in pf.conf(5).
Hope this helps,
adulau
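
The stateful tracking options suggested in the quoted reply, written out as a pf.conf fragment. This is an added example, not part of the original thread; the interface name, honeypot address and limit values are constructed, and it assumes no NAT rewrites the honeypot's source address on $ext_if.

```pf
# Added example: contain a honeypot's outbound traffic by capping the
# states it can create, rather than by shaping its bandwidth with ALTQ.
# All values below are constructed placeholders.
ext_if  = "fxp0"          # assumption: external interface name
my_hpot = "192.0.2.10"    # assumption: honeypot address (TEST-NET-1)

# State options used on the rule (see pf.conf(5), stateful tracking options):
#   max 5              at most 5 concurrent states created by this rule;
#                      once reached, packets that would create a new state
#                      are dropped until an existing state times out
#   source-track rule  count sources and states for this rule only
#   max-src-nodes 1    only one source address may hold states (the honeypot)
#   max-src-states 5   at most 5 simultaneous states for that source
#   tcp.established / tcp.closing
#                      shorter timeouts, taken from the rule in the post,
#                      so stale states free their slots sooner
pass out on $ext_if proto tcp from $my_hpot to any flags S/SA \
    keep state (max 5, source-track rule, max-src-nodes 1, \
    max-src-states 5, tcp.established 900, tcp.closing 90)
```

`pfctl -nf /etc/pf.conf` parses the ruleset without loading it, and `pfctl -s Sources` lists the source-tracking entries once the rule is active.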