Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.

https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Authpf freebsd

schrodinger · 2005-12-07 13:58:25

Hey everyone, I have a nylon socks server installed on FreeBSD 5.4 in college and I want to lock it off to all users who authenticate over SSH as nylon only supports locking it off to IP addresses or ranges. In my /etc/pf.rules I have: anchor authpf Just underneath all of my pass rules. And in /etc/authpf/authpf.rules I…

07-12-2005 02:58PM

#1
schrodinger

Registered Users, Registered Users 2 Posts: 326 ✭✭

Join Date: June 2001

Posts: 278
Hey everyone,

I have a nylon socks server installed on FreeBSD 5.4 in college and I want to lock it off to all users who authenticate over SSH as nylon only supports locking it off to IP addresses or ranges.

In my /etc/pf.rules I have:
anchor authpf

Just underneath all of my pass rules.

And in /etc/authpf/authpf.rules I have:
int_if="fxp0" pass in on $int_if proto tcp from $user_ip to $int_if port 1080 flags S/SA keep state

I also have a blank /etc/authpf/authpf.conf file. But when someone logs in under SSH they cannot access port 1080. Am I missing something critical to the authpf setup???

Any help greatly appreciated as this is starting to really wreck my head.

0

Comments

#2 07-12-2005 03:11PM

schrodinger

Registered Users, Registered Users 2 Posts: 326 ✭✭

Join Date: June 2001

Posts: 278

could someone move this to Unix I place it in the wrong board.

Thanks.

0