Date: Fri, 9 Jun 2000 19:01:00 -0400 (EDT)
From: Andy Dills <andy@xecu.net>
To: freebsd-ipfw@freebsd.org
Subject: Hijacking DNS with ipfw
Message-ID: <Pine.GSO.4.21.0006091900050.21767-100000@shell.xecu.net>

(I'm not a member of this list, so please cc me on replies. Thanks.)

I'm having what appears to be a fundamental problem, and I was hoping
somebody on the list might have an idea on how to proceed. As far as I can
tell from the archives, this hasn't been addressed.

I'm in a situation where I have customers with various DNS servers
configured. These customers are all behind a FreeBSD (4.0-R) box. The
FreeBSD box is running named (among other things).

I had thought that this rule would cut it:

    ipfw add 10 fwd 127.0.0.1,53 udp from any to any 53 recv xl1

But that just doesn't work. I'm assuming it's because maybe named gets
confused because fwd rules preserve the dest IP (as fwd rules are intended
to be used in transparent caching).

Does anybody have a suggestion on how to approach this?

Thanks,
Andy

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Andy Dills                              301-682-9972
Xecunet, LLC                            www.xecu.net
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Dialup * Webhosting * E-Commerce * High-Speed Access

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message