PF and a feature I requested weeks ago
- To: misc@openbsd.org
- Subject: PF and a feature I requested weeks ago
- From: van Helsing <vh@helith.net>
- Date: Mon, 2 Aug 2004 00:57:13 +0200
- Organization: Helith Network
PFSYNC is a useful feature of PF, but it has one big disadvantage:
I need a direct cable connection to the other PC.
The only way to sync all FWs in my VPN is that I have a script which
notices when the PF.conf has changed (e.g. because of SNORT) and which logs in to
all the other servers/FWs, replaces the PF.conf and reboots the FW.
Is there any solution which allows PFSYNC to send the sync packets
through an encrypted connection (SSH/SSL?) to other systems?
I think such a solution is easy to include because there could be
host authentication with the SSH keys.
Because Theo is working for OpenBSD and OpenSSH, such a solution could
maybe be easily integrated into the new release of OpenBSD.
Just a question, because for now I don't know of a system which enables me to
do that easily.
Because if I wanna block an IP, I wanna block it net-wide on ALL computers.
vh