[Tor-BSD] OpenBSD pf rules...
George Rosamond
george at ceetonetechnology.com
Wed Nov 26 22:34:34 EST 2014
Libertas:
> On 11/26/2014 04:28 PM, George Rosamond wrote:
>> 2. effectively dropping traffic to listening ports you don't
>> want, such as bad synfin packets or say, netblocks/IPs you don't
>> want to connect.
>
> What kind of netblocks or IPs would you block?

I wouldn't personally... but I was just listing a reason why firewalls
are useful. pf, for instance, is probably a better idea than using
tcp-wrappers (no insult to Wietse!).

I can imagine a scenario in which someone is maintaining a bridge for
people just in a certain locale, with the aim of assisting in
circumvention as opposed to anonymity. Not that I'm recommending that.

A while back, I was blocking the relays marked 'bad', but not really
sure if that's effective, or if the network itself isn't doing that
already.

g