• OPNSense rules...

    From Shurato@21:2/148 to All on Thu Jul 31 19:22:00 2025
    How do I set this for a protocol? Google says it's an option, but it's
    not.

    I need to set 1 connection per IP for Telnet and SSH, 2 for NNTP and 3 for
    FTP, but I can't figure out how to do that...

    Ok, looks like it's max source states. If I set that, I have to pass the
    rule. Do I set this for LAN or WAN? I've tried both, applied the rule and
    was able to connect from an IP behind a VPN more than once with the max
    source states set to 1.

    --
    Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp, nntp,
    wss) (Ports 22,23,110,21,119,999)


    *** THE READER V4.50 [freeware]
    ---
    * Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (21:2/148)
  • From phigan@21:1/141 to Shurato on Mon Aug 11 21:34:50 2025
    > I need to set 1 connection per IP for Telnet and SSH

    That sounds nice until your terminal session locks up one day and you can't access your things because there's a stale connection and you have to get in from an alternate source which you may or may not have access to right at that time.

    ---
    * Origin: 68k Mac Club | bbs.m68k.club (21:1/141)
  • From poindexter FORTRAN@21:4/122 to phigan on Mon Aug 11 08:51:49 2025
    -=> phigan wrote to Shurato <=-

    >> I need to set 1 connection per IP for Telnet and SSH

    > That sounds nice until your terminal session locks up one day and you
    > can't access your things because there's a stale connection and you
    > have to get in from an alternate source which you may or may not have
    > access to right at that time.

    There's a subreddit called shittysysadmin where someone complained that
    they applied their firewall rules on the wrong interface and locked
    themselves out of the network[1] and the responses were hilarious. This
    one made me cough up my coffee.

    "That's why I always configure a backdoor - TCP 3389 to my domain
    controller"

    "Please brother at least tell me you used Password1 and not just Password
    for administrator."

    "I used Summer2029!, so it'll be secure for another 3 years"


    [1] I've done that.


    --- MultiMail/Win v0.52
    * Origin: realitycheckBBS.org -- information is power. (21:4/122)
  • From Shurato@21:2/148 to phigan on Mon Aug 11 12:10:00 2025

    * In a message originally to Shurato, phigan said:

    >> I need to set 1 connection per IP for Telnet and SSH

    > That sounds nice until your terminal session locks up one day and you
    > can't access your things because there's a stale connection and you have
    > to get in from an alternate source which you may or may not have access
    > to right at that time.
    >
    > ---
    > * Origin: 68k Mac Club | bbs.m68k.club (21:1/141)

    Just for the BBS, not shell sessions.

    --
    Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp, nntp,
    wss) (Ports 22,23,110,21,119,999)


    ---
    * Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (21:2/148)
  • From Digital Man@21:1/183 to poindexter FORTRAN on Wed Aug 13 21:02:38 2025
    Re: Re: OPNSense rules...
    By: poindexter FORTRAN to phigan on Mon Aug 11 2025 08:51 am

    > they applied their firewall rules on the wrong interface and locked
    > themselves out of the network[1] and the responses were hilarious. This
    > one made me cough up my coffee.
    > [1] I've done that.

    Rite of passage. :-)
    --
    digital man (rob)

    Synchronet "Real Fact" #34:
    The back-up synchro.net nameserver and CVS repository is hosted by Deuce
    Norco, CA WX: 68.8°F, 80.0% humidity, 5 mph W wind, 0.00 inches rain/24hrs
    --- SBBSecho 3.29-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (21:1/183)