From owner-freebsd-questions@FreeBSD.ORG  Wed Jun  2 19:01:28 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6D74716A4CE
	for <freebsd-questions@freebsd.org>;
	Wed,  2 Jun 2004 19:01:28 -0700 (PDT)
Received: from dns10.mail.yahoo.co.jp (dns10.mail.yahoo.co.jp
	[210.81.151.143])
	by mx1.FreeBSD.org (Postfix) with SMTP id 696EF43D46
	for <freebsd-questions@freebsd.org>;
	Wed,  2 Jun 2004 19:01:27 -0700 (PDT)
	(envelope-from ayakokiko@ybb.ne.jp)
Received: from unknown (HELO gorgon.near.this) (219.11.234.11 with poptime)
  by dns10.mail.yahoo.co.jp with SMTP; 3 Jun 2004 02:01:26 -0000
X-Apparently-From: <ayakokiko@ybb.ne.jp>
Received: from hydra.near.this (hydra.near.this [10.0.3.20])
	by gorgon.near.this (Postfix) with ESMTP
	id EEDDB7F24; Thu,  3 Jun 2004 11:01:21 +0900 (JST)
Received: by hydra.near.this (Postfix, from userid 100)
	id BCEF49857; Thu,  3 Jun 2004 11:01:19 +0900 (JST)
Date: Thu, 3 Jun 2004 11:01:19 +0900
From: horio shoichi <bugsgrief@bugsgrief.net>
To: Randy Babb <randy@insipidity.co.uk>
In-Reply-To: <1086216862.23474.19.camel@localhost>
References: <1086188875.5101.29.camel@localhost>
	<20040602203950.GB4054@gothmog.gr>
	<1086216862.23474.19.camel@localhost>
X-Mailer: Sylpheed version 0.9.10claws (GTK+ 1.2.10; i386-portbld-freebsd4.9)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id: <20040603.020119.81dcaeea51712ca3.10.0.3.20@bugsgrief.net>
cc: Giorgos Keramidas <keramida@ceid.upatras.gr>
cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: IPFILTER Rules
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jun 2004 02:01:28 -0000

On Wed, 02 Jun 2004 22:54:22 +0000
Randy Babb <randy@insipidity.co.uk> wrote:
> On Wed, 2004-06-02 at 20:39, Giorgos Keramidas wrote:
> > The delay seems suspiciously like a DNS timeout.  Since you haven't
> > mentioned any rules to explicitly allow DNS traffic below, I assume
> > you
> > don't have any.  Just add the following rules before your groups:
> > 
> >     pass out quick proto udp from any to any keep state
> >     block return-icmp-as-dest(port-unr) in log proto udp from any to
> > any
> 
> Thanks, that fixed it. I also had another problem which stopped a lot of
> outgoing traffic working which seems to have been fixed by adding keep
> state to "pass out on rl0 all head 100".
> 
> 
> Thanks,
> Randy
> 
> 
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
> 

Possibly a dumb question.

Do /etc/make.conf (or /etc/defaults/make.conf) match on both of machines ?



horio shoichi