From owner-freebsd-ipfw Fri Jun 9 16: 1:12 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from post.xecu.net (post.xecu.net [216.127.136.211]) by hub.freebsd.org (Postfix) with ESMTP id 20BA737C6AE for ; Fri, 9 Jun 2000 16:01:07 -0700 (PDT) (envelope-from andy@xecu.net) Received: from shell.xecu.net (shell.xecu.net [216.127.136.216]) by post.xecu.net (Postfix) with ESMTP id 32722475E for ; Fri, 9 Jun 2000 18:59:02 -0400 (EDT) Received: from localhost (andy@localhost) by shell.xecu.net (8.8.8+Sun/8.8.8) with ESMTP id TAA23693 for ; Fri, 9 Jun 2000 19:01:00 -0400 (EDT) X-Authentication-Warning: shell.xecu.net: andy owned process doing -bs Date: Fri, 9 Jun 2000 19:01:00 -0400 (EDT) From: Andy Dills To: freebsd-ipfw@freebsd.org Subject: Hijacking DNS with ipfw Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG (I'm not a member of this list, so please cc me on replies. Thanks.) I'm having what appears to be a fundemental problem, and I was hoping somebody on the list might have an idea on how to proceed. As far as I can tell from the archives, this hasn't been addressed. I'm in a situation where I have customers with various DNS servers configured. These customers are all behind a FreeBSD (4.0-R) box. The FreeBSD box is running named (among other things). I had thought that this rule would cut it: ipfw add 10 fwd 127.0.0.1,53 udp from any to any 53 recv xl1 But that just doesn't work. I'm assuming it's because maybe named gets confused because fwd rules preserve the dest IP (as fwd rules are intended to be used in transparent cacheing). Does anybody have a suggestion on how to approach this? Thanks, Andy xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Andy Dills 301-682-9972 Xecunet, LLC www.xecu.net xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Dialup * Webhosting * E-Commerce * High-Speed Access To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message