From owner-freebsd-security@FreeBSD.ORG Fri Jan 23 01:54:57 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ECFF716A4CE for ; Fri, 23 Jan 2004 01:54:57 -0800 (PST) Received: from redqueen.elvandar.org (cust.94.120.adsl.cistron.nl [195.64.94.120]) by mx1.FreeBSD.org (Postfix) with ESMTP id B0D9443D3F for ; Fri, 23 Jan 2004 01:54:56 -0800 (PST) (envelope-from remko@elvandar.org) From: "Remko Lodder" To: "Freebsd-Security@Freebsd. Org" Date: Fri, 23 Jan 2004 10:55:32 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new at elvandar.org Message-Id: <20040123095455.D68FB2B4D89@redqueen.elvandar.org> Subject: FW: [Freebsd-security] ipfw + named problem X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jan 2004 09:54:58 -0000 forgot this addr. -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: Remko Lodder [mailto:remko@elvandar.org] Verzonden: vrijdag 23 januari 2004 10:53 Aan: Nick Twaddell Onderwerp: RE: [Freebsd-security] ipfw + named problem did you tcpdump the packets so that you can follow his tail and see where the packets are not routed anymore? perhaps another filter is in place somewhere? what does your logging say, can you log with ipfw ? (i don't know ipfw sorry ;-) ) perhaps you can add more logrules to follow the blocks and these explicit accepts? cheers -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: freebsd-security-bounces@lists.elvandar.org [mailto:freebsd-security-bounces@lists.elvandar.org]Namens Nick Twaddell Verzonden: vrijdag 23 januari 2004 10:47 Aan: security@freebsd.org Onderwerp: [Freebsd-security] ipfw + named problem Ok, I am really stumped on this one. I setup ipfw with all my rules. Everything works great except for dns. If I do nslookup I get -su-2.05b# nslookup yahoo.com Server: localhost.webspacesolutions.com Address: 127.0.0.1 *** localhost.webspacesolutions.com can't find yahoo.com: Non-existent host/domain This is what I have in my ipfw.rules add 00310 allow tcp from any to any 53 out via de0 setup keep-state add 00311 allow udp from any to any 53 out via de0 keep-state What am I missing?? Thanks Nick _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" _______________________________________________ Freebsd-security mailing list Freebsd-security@lists.elvandar.org http://lists.elvandar.org/mailman/listinfo/freebsd-security