From: "C KH"
To: simon1@server.simon1.net
Cc: questions@FreeBSD.ORG
Subject: Re: Can't connect to DNS servers -- Firewall prob?
Date: Tue, 29 Oct 2002 21:03:25 +0000

Actually I neglected to mention I also have this rule:

# Allow all traffic from internal lan
$fwcmd add allow all from 192.168.0.0/16 to any

This should take care of ANY traffic from my internal lan, including DNS
requests from my machines to the nameservers, no?

>From: Simon1
>To: C KH
>CC:
>Subject: Re: Can't connect to DNS servers -- Firewall prob?
>Date: Tue, 29 Oct 2002 13:57:08 -0500 (EST)
>
>Make sure your box has permission to connect /to/ these systems. The rules
>below allow the DNS servers to send things *to* your box, but don't allow
>your box to send things TO those servers. You need to give
>your box the ability to send the request /out/ to them in the first place.
>
>The hostname hangup is due to it trying to resolve the domain. Once you
>get the DNS resolving that problem will disappear.
>
> > I have explicitly added these rules to my /etc/rc.firewall:
> >
> > $fwcmd add allow udp from 66.135.144.2 53 to $oip
> > $fwcmd add allow udp from 66.135.128.68 53 to $oip
> > $fwcmd add allow tcp from 66.135.144.2 53 to $oip
> > $fwcmd add allow tcp from 66.135.128.68 53 to $oip
> >
> > (where $oip is my external IP address).
> >
> > Another possibly related thing is that on bootup, my server hangs
> > indefinitely at the initializing "hostname" part. I need to hard break it
> > with CTRL+C to continue bootup.
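An added illustration, not part of either message: a minimal first-match evaluator run over the allow rules quoted in this thread, showing which direction of a DNS exchange they cover for the box itself and for a LAN host. It assumes a default deny when no rule matches, uses 203.0.113.10 as a constructed stand-in for $oip, and the OUTBOUND rules are hypothetical additions in the direction Simon1 describes.

```python
import ipaddress

OIP = "203.0.113.10"  # constructed stand-in for $oip (the thread does not give it)
SERVERS = ("66.135.144.2", "66.135.128.68")  # name servers from the thread

# Allow rules quoted in the thread: (proto, src, src_port, dst, dst_port).
# None = any port, "any" = any address. All are "allow", so order is not critical.
POSTED = [("all", "192.168.0.0/16", None, "any", None)]
POSTED += [(p, s, 53, OIP, None) for p in ("udp", "tcp") for s in SERVERS]

# Hypothetical outbound rules (not from the thread), e.g.
#   $fwcmd add allow udp from $oip to 66.135.144.2 53
OUTBOUND = [(p, OIP, None, s, 53) for p in ("udp", "tcp") for s in SERVERS]


def _addr(spec, addr):
    """True if addr falls inside the rule's address spec."""
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)


def _port(spec, port):
    """True if the rule names no port or names exactly this one."""
    return spec is None or spec == port


def evaluate(rules, proto, src, sport, dst, dport):
    """First matching allow rule wins; otherwise the assumed default deny."""
    for r_proto, r_src, r_sport, r_dst, r_dport in rules:
        if (r_proto in ("all", proto)
                and _addr(r_src, src) and _port(r_sport, sport)
                and _addr(r_dst, dst) and _port(r_dport, dport)):
            return "allow"
    return "deny"


def dns_exchange(rules, client, server, proto="udp", eph=40000):
    """Verdicts for (query client -> server:53, reply server:53 -> client)."""
    return (evaluate(rules, proto, client, eph, server, 53),
            evaluate(rules, proto, server, 53, client, eph))


if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("posted+outbound", POSTED + OUTBOUND)):
        for server in SERVERS:
            print(name, server, dns_exchange(rules, OIP, server))
```

A query sourced from a 192.168.x.x host matches the internal-LAN rule, but a query sourced from the external address matches none of the posted rules, so only the reply direction is covered.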