PF Firewall

I‘ve ssh gateway behind my NAT firewall. So all users must first login to my gateway host from the internet and then login to other machines on the LAN. This works great for cli based apps. However, few users would like to run x apps from internal LAN hosts and tunnel X display through intermediate ssh gateway and display back output on their local system. For example, from localsystem user makes connection as follows:

ssh -X user@gateway.example.com
ssh -X user@somelan.example.com

X forwarding fails with an error:

Error: Can’t open display:

How do I fix this problem and allow users to use X apps with my intermediate Linux / BSD gateway?

{ 5 comments }

I‘ve FreeBSD 7.x server with 3 jails are configured to run a mail, web and MySQL services. My FreeBSD box has two network interfaces. First, interface is connected to LAN and other is directly connected to the Internet via public IP. My DNS servers are hosted on private network (LAN). FreeBSD 7.x jail only support one interface and one IP address. How do I configure jail (FreeBSD vps) to access my DNS servers hosted inside my LAN using PF firewall?

{ 1 comment }

Question: I’ve vsftpd ftp server configured under FreeBSD 7.x and PF firewall. Both PF and FTP server running on a dedicated FreeBSD web server. How do I configure PASSIVE FTP PF firewall configuration so that my vsftpd work? How do I configure PF firewall to protect an FTP server and open port 21?

{ 1 comment }

Q. How do I configure and Install Apache web server with PHP5 and mod_fastcgi to get faster PHP access under FreeBSD server?

{ 6 comments }

Q. Under FreeBSD 7.0 patch level 5, I’m getting following warning message:

Enabling pf.
No ALTQ support in kernel
ALTQ related functions disabled
No ALTQ support in kernel

I need ALTQ support for my FreeBSD box. How do I enable ALTQ for Class Based Queuing (CBQ) to divide a connection’s bandwidth into different classes or queues to prioritize traffic based on filter rules?

{ 3 comments }

Q. I’ve FreeBSD based Apache webserver. I need to allow outgoing ftp client requests so that BSD ports collection can download from various ftp sites. How do I allow outgoing FTP connection via PF network firewall software under FreeBSD or OpenBSD operating system?

{ 10 comments }

I’ve couple of remote servers and I’d like to access few admin only application running on port 10000 and 3001. My firewall only allows port 80, 443, 25, 22 and 110 for public access. Do I need to open port 10000 and 3001 for everyone using firewall? How do I access my admin only apps without opening port 10000 and 3001?

{ 8 comments }