Date: Wed, 02 Feb 2005 15:05:50 -0500 From: Chuck Swiger <cswiger@mac.com> To: Graham Dresch <gdresch@spcint.com> Cc: freebsd-doc@freebsd.org Subject: Re: Error in Handbook Message-ID: <4201329E.6020008@mac.com> In-Reply-To: <Pine.BSF.4.58.0502021403320.66014@dragon.spcplus.com> References: <Pine.BSF.4.58.0502021403320.66014@dragon.spcplus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Graham Dresch wrote: > In Chapter 24 Firewalls: > > Section 24.6.5.7: > > Example ruleset #2: > > $cmd 020 $skip tcp from any to x.x.x.x 53 out via $pif setup keep-state > ^^^ ^^^^^ > > DNS uses UDP, setup is inapplicable to UDP DNS responses which do not fit into a UDP packet are sent via TCP instead, as are zone transfers between nameservers. DNS uses both 53/tcp and 53/udp. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4201329E.6020008>