Date: Thu, 3 Jun 2004 11:01:19 +0900 From: horio shoichi <bugsgrief@bugsgrief.net> To: Randy Babb <randy@insipidity.co.uk> Cc: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: IPFILTER Rules Message-ID: <20040603.020119.81dcaeea51712ca3.10.0.3.20@bugsgrief.net> In-Reply-To: <1086216862.23474.19.camel@localhost> References: <1086188875.5101.29.camel@localhost> <20040602203950.GB4054@gothmog.gr> <1086216862.23474.19.camel@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 02 Jun 2004 22:54:22 +0000 Randy Babb <randy@insipidity.co.uk> wrote: > On Wed, 2004-06-02 at 20:39, Giorgos Keramidas wrote: > > The delay seems suspiciously like a DNS timeout. Since you haven't > > mentioned any rules to explicitly allow DNS traffic below, I assume > > you > > don't have any. Just add the following rules before your groups: > > > > pass out quick proto udp from any to any keep state > > block return-icmp-as-dest(port-unr) in log proto udp from any to > > any > > Thanks, that fixed it. I also had another problem which stopped a lot of > outgoing traffic working which seems to have been fixed by adding keep > state to "pass out on rl0 all head 100". > > > Thanks, > Randy > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > Possibly a dumb question. Do /etc/make.conf (or /etc/defaults/make.conf) match on both of machines ? horio shoichi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040603.020119.81dcaeea51712ca3.10.0.3.20>