Friday, October 20, 2006

pf based nat gateway for office network

tags: , ,

Tonight i replace old FreeBSD based NAT gateway to OpenBSD based NAT gateway and firewall. This is short article about pf configuration.

I use Intel Celeron 500MHz based server with two network cards (vr0 and vr1). Here is configuration steps:

  1. buy more beer and pizza!
  2. install openbsd
  3. set net.inet.ip.forwarding sysctl value to “1” and add string net.inet.ip.forwarding=1 to /etc/sysctl.conf file
  4. activate pf. add pf=YES line to /etc/rc.conf.local file
  5. let’s edit /etc/pf.conf file:
    # macros
    ext_if="vr0"
    int_if="vr1"

    # options
    set block-policy return
    set loginterface $ext_if
    set skip on lo

    # scrub
    scrub in

    # network address translation (NAT)
    nat on $ext_if from !($ext_if) to any -> ($ext_if)

    #filter
    block in
    pass out keep state
    antispoof quick for { lo $int_if }
    pass quick on $int_if
  6. load config file. pfctl -f /etc/pf.conf
…and read “The OpenBSD Packet Filter”.

Monday, October 2, 2006

hacking usb device drivers->part 2

tags:

This is the second article from “Hacking USB device drivers” series. In this part will be covered device supporting mechanism by USB device drivers.

  • Adding vendor and product IDs for USB drivers (read)
  • Adding support for new devices to USB drivers
    • Introduction
    • Modify dev_devs[] structure

Adding support for new devices to USB drivers

Introduction
All USB devices have vendor ID, product ID and device class. USB device can be attached to driver allocated with supported IDs and/or classes. Typically in USB driver you can see dev_devs[] structure, where dev is a device name. In this structure listed supported products.
USB device drivers can be founded in /usr/src/sys/dev/usb/ directory.

Modify dev_devs[] structure
For example, in uplcom(4) driver uplcom_devs[] structure contain strings like following line:
{ USB_VENDOR_SIEMENS3, USB_PRODUCT_SIEMENS3_X75 },
These lines can be founded in usbdevs_data.h file:
{
USB_VENDOR_SIEMENS3, USB_PRODUCT_SIEMENS3_X75,
"X75",
},
For adding support of new product to USB device driver all you need is modify dev_devs[] structure.