Date: 6 Jan 1999 12:17:51 -0000
From: "Yusuf Goolamabbas" <yusufg@huge.net>
To: freebsd-questions@FreeBSD.ORG
Subject: How to allow incoming DNS via 'client' prof in rc.firewall
Message-ID: <19990106121751.23171.qmail@yusufg.portal2.com>

Hi, I am a relative newbie to FreeBSD. I installed FreeBSD 3.0 on a
machine which acts as our nameserver. I compiled IPFIREWALL into the
kernel and set the firewall type to client in rc.conf.

Machines on our internal network can resolve external hosts via the DNS
server. Now, I wanted to see if machines external to our network can
query our DNS server. I logged in to one such machine and gave the
command

    dig @my.nameserver internal.machine.name

After a long while, the command failed.

I edited the firewall type to be "open" and rebooted the server.
Now the above command works.

I read further in rc.firewall and came across the "simple" profile.
I copied the following line to just after "allow setup of incoming mail"
in the "client" profile:

    /sbin/ipfw add pass tcp from any to ${ip} 53 setup

Rebooted. Same query from the external host. Again failure.
I can only get the query answered by keeping the firewall type as open.

Can anybody tell me how I can allow access to my DNS from outside
whilst having all the features of the "client" profile in rc.firewall?

Thanks, Yusuf
--
Yusuf Goolamabbas
yusufg@huge.net
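
Added example, not part of the original message or of rc.firewall: dig sends its query over UDP by default, while the line copied above passes only TCP to port 53, so the test query never matches it. The sketch below generates the rules a public name server needs, assuming the "client" profile has no other rule passing UDP to port 53; the function name `dns_server_rules`, the `FWCMD` dry-run variable and the sample address 192.0.2.10 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: inbound DNS rules for a name server behind a default-deny
# ipfw rule set. Names here (FWCMD, dns_server_rules) are hypothetical.
#
# FWCMD defaults to a dry run that prints each command instead of running it.
# Set FWCMD=/sbin/ipfw to install the rules.
FWCMD="${FWCMD:-echo /sbin/ipfw}"

# dns_server_rules IP
#   IP is the name server's own address (${ip} in rc.firewall).
#   Usage (dry run): dns_server_rules 192.0.2.10   # constructed sample address
dns_server_rules() {
    ip="$1"
    # Accept only digits and dots, so a typo or the word "any" can never
    # widen the rule beyond the single host that runs the name server.
    case "$ip" in
        ''|*[!0-9.]*)
            echo "usage: dns_server_rules <ipv4-address>" >&2
            return 1 ;;
        *.*.*.*) ;;
        *)
            echo "usage: dns_server_rules <ipv4-address>" >&2
            return 1 ;;
    esac

    # Ordinary queries arrive over UDP from an arbitrary source port.
    $FWCMD add pass udp from any to "$ip" 53

    # These rules keep no state, so the answer leaving port 53 needs its
    # own rule or it is dropped on the way out.
    $FWCMD add pass udp from "$ip" 53 to any

    # TCP carries large answers and zone transfers; "setup" matches only
    # the opening SYN of a connection.
    $FWCMD add pass tcp from any to "$ip" 53 setup
}
```

The rules have to be added ahead of any deny rule that would otherwise match the same packets, since ipfw acts on the first matching rule.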
