Tuesday, June 29, 2010

OpenBSD 4.7 PF Changes for Gateway Firewall

So yesterday evening I finally got around to updating one of my OpenBSD gateway firewalls to 4.7. On the gateway the PF rules only needed changes in the scrub and proxy sections. Below are the changes. Hopefully this will help you out if you haven’t already updated.

######4.6 pf.conf###############
# Normalize all incoming/outgoing traffic to prevent malformed packets
scrub in on $ext_if all random-id fragment reassemble no-df min-ttl 5
scrub out on $ext_if all random-id fragment reassemble no-df

# FTP-Proxy
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr on $int_if proto tcp from $mynet to any port 21 -> 127.0.0.1 port 8021

# Squid Redirect
rdr on $int_if inet proto tcp from <webproxyusers> to !<nonproxysites> port { 80 8080 } -> 127.0.0.1 port 3128

#######4.7 pf.conf##########

# Normalizing packets
match in on $ext_if scrub (random-id min-ttl 5 no-df)
match out on $ext_if scrub (random-id no-df)

# FTP-Proxy

anchor "ftp-proxy/*"
pass in quick on $int_if proto tcp from $mynet to any port 21 rdr-to 127.0.0.1 port 8021

# Squid Redirect
pass in quick on $int_if proto tcp from <webproxyusers> to !<nonproxysites> port { 80 8080 } rdr-to 127.0.0.1 port 3128
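
The rewrite pattern above, as an added example (not part of the original post): a small Python converter that handles only the three rule forms shown here (scrub, the ftp-proxy anchors, and rdr) and flags any other old-syntax translation rule for manual review. The function names are hypothetical and the `nat` line in the sample input is constructed.

```python
import re

SCRUB = re.compile(r"^scrub\s+(in|out)\s+on\s+(\S+)\s+all\s+(.+)$")
RDR = re.compile(r"^rdr\s+on\s+(\S+)\s+(.*?)\s*->\s*(.+)$")
ANCHOR = re.compile(r'^(?:nat|rdr)-anchor\s+(".*")$')
OLD_ONLY = ("scrub ", "rdr ", "nat ", "binat ")  # keywords of the old syntax

def convert_rule(line, seen_anchors):
    """Return the 4.7 form of one 4.6 line, or None to drop the line."""
    rule = line.strip()
    if not rule or rule.startswith("#"):
        return line
    m = SCRUB.match(rule)
    if m:
        direction, iface, opts = m.groups()
        # The post's 4.7 rules omit "fragment reassemble", so drop it here.
        opts = " ".join(re.sub(r"fragment\s+reassemble", "", opts).split())
        return f"match {direction} on {iface} scrub ({opts})"
    m = ANCHOR.match(rule)
    if m:
        # nat-anchor and rdr-anchor for the same path become one anchor line.
        if m.group(1) in seen_anchors:
            return None
        seen_anchors.add(m.group(1))
        return f"anchor {m.group(1)}"
    m = RDR.match(rule)
    if m:
        iface, criteria, target = m.groups()
        # Follows the post's "pass in quick" form: the rule both redirects
        # and passes the packet, and rule evaluation stops here.
        return f"pass in quick on {iface} {criteria} rdr-to {target}"
    if rule.startswith(OLD_ONLY):
        return f"# REVIEW (convert by hand): {rule}"
    return line

def convert(text):
    seen = set()
    converted = (convert_rule(line, seen) for line in text.splitlines())
    return [line for line in converted if line is not None]

# Sample input: rules from the post, plus one constructed nat rule.
OLD = """scrub in on $ext_if all random-id fragment reassemble no-df min-ttl 5
nat-anchor "ftp-proxy/*"
rdr-anchor "ftp-proxy/*"
rdr on $int_if proto tcp from $mynet to any port 21 -> 127.0.0.1 port 8021
nat on $ext_if from $mynet to any -> ($ext_if)"""

if __name__ == "__main__":
    print("\n".join(convert(OLD)))
```

Parse the converted file with `pfctl -nf` before loading it; the scrub options may come out in a different order than in the post, which does not change their meaning.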



Export Man Page to Text File

Needed a quick way to export a man page to a text file. Below is the command for exporting the man page for pf.conf (need to research a few things before upgrading to OpenBSD 4.7).

$ man pf.conf | col -bx > pf.conf.txt

Monday, June 21, 2010

C# ARP Request

I started working on version 3 of my ARPCheck application yesterday. Forgot that I never got around to posting a code example.

==========ARPCheckDemo.cs============

using System;
using System.Collections.Generic;
using System.Text;
using System.Net;
using System.Net.NetworkInformation;
using System.Runtime.InteropServices;

namespace ArpCheckDemo
{
    class Program
    {
        // Import SendARP from iphlpapi.dll.
        // Currently .NET doesn't have a Framework method for sending an ARP request.
        [DllImport("iphlpapi.dll", ExactSpelling = true)]
        public static extern int SendARP(int dstIP, int srcIP, [Out] byte[] macAddr, ref int hwAddrLength);

        static void Main(string[] args)
        {
            // IP address of the destination host
            IPAddress addr = IPAddress.Parse("192.168.2.1");
            // Byte array for the MAC address of the destination IP
            byte[] mac = new byte[6];
            // Hardware address length (in octets); SendARP updates it
            int hwLength = mac.Length;
            // Send the ARP request for the destination IP and get back the MAC byte array.
            // SendARP returns 0 (NO_ERROR) on success.
            int result = SendARP(BitConverter.ToInt32(addr.GetAddressBytes(), 0), 0, mac, ref hwLength);
            if (result != 0)
            {
                // Without this check a failed request would print an all-zero MAC.
                Console.WriteLine("SendARP failed with error code " + result);
            }
            else
            {
                // Convert the byte array to a hexadecimal string
                String macAddress = BitConverter.ToString(mac, 0, hwLength);
                // Display the MAC address of the remote IP
                Console.WriteLine(macAddress);
            }
            Console.ReadLine();
        }
    }
}

Friday, June 11, 2010

Exchange 2007 Database Defragmentation

Last week, due to an issue with the anti-spam client on my Exchange server, I had to defrag the default "Mailbox Database". Below are the steps I performed to accomplish the task.

In my environment the Exchange databases are located on the D: drive.

  1. Dismount the database in question via the Exchange Management Console

  2. Via the command line, move to directory C:\Program Files\Exchange Server\Bin

  3. Test the Information Store of the server (my server is named MailLady).

    isinteg.exe -s MailLady -test allfoldertests


  4. Type the number of the database and hit Enter. Confirm with Y and then Enter again.

  5. If all tests pass then run an integrity check on the database

    eseutil.exe /g "D:\Exchange Databases\Mailbox Database.edb" /t "D:\Exchange Databases\Temp\temper.edb"


  6. If that passes then run a defrag of the database

    eseutil.exe /d "D:\Exchange Databases\Mailbox Database.edb" /t "D:\Exchange Databases\Temp\temper.edb"


  7. After that finishes then mount the database via the Exchange Management Console

By default the eseutil command creates a temporary database inside the Bin directory on the system drive. Since my Exchange Server didn't have that much free room on the system drive, I had to use the /t switch to move the temp database to a drive with more room.