PF Firewall

FreeBSD Jail Access Private Network Via NAT and PF

I have a FreeBSD 7.x server with 3 jails configured to run mail, web and MySQL services. My FreeBSD box has two network interfaces. The first interface is connected to the LAN and the other is directly connected to the Internet via a public IP. My DNS servers are hosted on a private network (LAN). A FreeBSD 7.x jail only supports one interface and one IP address. How do I configure a jail (FreeBSD VPS) to access my DNS servers hosted inside my LAN using the PF firewall?

PF Firewall Open FTP Port 21 (PASSIVE Configuration)

Question: I have a vsftpd FTP server configured under FreeBSD 7.x with the PF firewall. Both PF and the FTP server are running on a dedicated FreeBSD web server. How do I set up a PASSIVE FTP configuration in the PF firewall so that my vsftpd works? How do I configure the PF firewall to protect an FTP server and open port 21?

FreeBSD Configure Apache PHP with mod_fastcgi Module

Q. How do I install and configure the Apache web server with PHP5 and mod_fastcgi to get faster PHP access on a FreeBSD server?

FreeBSD Enable PF ALTQ Firewall Support

Q. Under FreeBSD 7.0 patch level 5, I'm getting the following warning message:

Enabling pf.
No ALTQ support in kernel
ALTQ related functions disabled
No ALTQ support in kernel

I need ALTQ support for my FreeBSD box. How do I enable ALTQ for Class Based Queuing (CBQ) to divide a connection's bandwidth into different classes or queues to prioritize traffic based on filter rules?

BSD FTP-Proxy: PF Firewall Allow Outgoing Active / Passive FTP Connections

Q. I have a FreeBSD-based Apache web server. I need to allow outgoing FTP client requests so that the BSD ports collection can download from various FTP sites. How do I allow outgoing FTP connections via the PF network firewall software under the FreeBSD or OpenBSD operating system?

Access Any Remote Server Port Without Modifying Firewall Settings

Q. I have a couple of remote servers and I'd like to access a few admin-only applications running on ports 10000 and 3001. My firewall only allows ports 80, 443, 25, 22 and 110 for public access. Do I need to open ports 10000 and 3001 for everyone in the firewall? How do I access my admin-only apps without opening ports 10000 and 3001?

FreeBSD / OpenBSD: PF Firewall Filter Large Number Of Subnets and IP Address

Q. How do I filter a large number of subnets and IPs using OpenBSD's pf firewall on a FreeBSD 7.x server? How do I log all dropped packets from such IPs? How do I block up to 10000 IPs or subnets without any performance penalty?

axfr-get: fatal: unable to parse AXFR results: protocol error and Solution

I'm trying to get data (AXFR query) from a master tinydns server to a secondary DNS server using tcpclient as follows:
tcpclient -v a.ns.example.com 53 axfr-get example.com example.com example.com.tmp

But I'm getting an error which reads as follows:

>axfr-get: fatal: unable to parse AXFR results: protocol error

How do I fix this problem?

FreeBSD Install and Configure Apache Web Server

Q. How do I install and configure the Apache web server under the FreeBSD 7.x operating system?