From: Emil Khatib
To: freebsd-questions@freebsd.org
Date: Sun, 21 Nov 2004 01:12:50 +0100
Subject: Re: host name lookup failure under 4.9

I've finally found the problem: I've been using natd without enabling
IPDIVERT in the kernel. I guess that was the problem, as everything now
works properly.

Thanks for your help.

On Sun, 14 Nov 2004 09:30:59 -0500, Chuck Swiger wrote:
> Emil Khatib wrote:
> [ ... ]
> > The firewall rules are:
> >
> > pass udp from me to any 53 keep-state
> > pass tcp from me to any 20 keep-state
> > pass tcp from me to any 21 keep-state
> > pass tcp from me to any 80 keep-state
> >
> > So I want to allow DNS, FTP and HTTP.
>
> Your rules aren't enough to work right; at the very least, you need a
> check-state rule to permit return traffic to the connections you approve of
> via the keep-state keyword. I suggest you examine /etc/rc.firewall carefully
> and look at the example rulesets there.
>
> Also, while you can use IPFW and natd in conjunction with PPP via the tun0
> interface, doing so is more complicated than need be since PPP already has
> firewall and NAT'ing capabilities built-in. Using them directly via your
> ppp.conf might be easier.
>
> --
> -Chuck
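
Added example, not part of the original thread or of FreeBSD itself: a POSIX sh check for the misconfiguration reported above (natd enabled while the kernel config has no "options IPDIVERT"), which also confirms that the ruleset hands traffic to natd with a divert rule. The function names, file arguments and sample files are assumptions constructed for illustration; it targets FreeBSD 4.x-style kernel configs with static "options" lines.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes a FreeBSD 4.x kernel config file
# (static "options" lines), an rc.conf, and an ipfw rules file.

# uncommented FILE: print FILE with '#' comments stripped
uncommented() { sed 's/#.*//' "$1"; }

# natd_enabled RCCONF: true if the last natd_enable assignment is YES
natd_enabled() {
    val=$(uncommented "$1" | sed -n 's/^[[:space:]]*natd_enable=//p' |
          tail -n 1 | tr -d "\"' \t")
    case "$val" in [Yy][Ee][Ss]) return 0 ;; *) return 1 ;; esac
}

# check_natd KERNCONF RCCONF RULES: print findings, return how many were found
check_natd() {
    found=0
    natd_enabled "$2" || return 0      # natd is off: nothing to check
    if ! uncommented "$1" |
         grep -Eq '^[[:space:]]*options[[:space:]]+IPDIVERT([[:space:]]|$)'; then
        echo "kernel config has no 'options IPDIVERT': natd's divert socket is unavailable"
        found=$((found + 1))
    fi
    if ! uncommented "$3" |
         grep -Eq '(^|[[:space:]])divert[[:space:]]+(natd|[0-9]+)([[:space:]]|$)'; then
        echo "ruleset has no divert rule: no traffic is handed to natd"
        found=$((found + 1))
    fi
    return "$found"
}

# demo: constructed sample files modelled on the thread (natd on, IPDIVERT
# commented out in the kernel config); returns 1 for the single finding
demo() {
    d=$(mktemp -d) || return 2
    printf 'options IPFIREWALL\n#options IPDIVERT\n' > "$d/KERNEL"
    printf 'natd_enable="YES"\nnatd_interface="tun0"\n' > "$d/rc.conf"
    printf 'add divert natd all from any to any via tun0\n' > "$d/rules"
    printf 'add pass udp from me to any 53 keep-state\n' >> "$d/rules"
    check_natd "$d/KERNEL" "$d/rc.conf" "$d/rules"; rc=$?
    rm -rf "$d"
    return "$rc"
}
```

Call check_natd with the kernel config file, rc.conf and the rules file; a non-zero return is the number of findings printed.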