Date:      Tue, 28 Jul 1998 17:35:03 +1000
From:      "Hallam Oaks P/L list account" <maillist@oaks.com.au>
To:        "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG>, "Jesse" <j@lumiere.net>
Subject:   Re: ipfw rules to allow DNS activity
Message-ID:  <199807280734.RAA23635@mail.aussie.org>

On Mon, 27 Jul 1998 00:16:38 -0700 (PDT), Jesse wrote:
>I'm thinking of changing one of my boxes which is running bind (performing
>primary secondary DNS functions) from allow-anything-except-things-
>specifically-denied ipfw rules to deny-everything-except-things-
>specifically-allowed rules (open vs closed? hehe). Anyway, I was wondering 
>what are the minimum rules necessary to allow DNS queries/transfers from
>other servers to my server, and also to allow queries from my server to 
>other servers.

check out the rc.firewall I posted to the list recently (it's also on the 
FreeBSD rc.firewall page; see http://www.metronet.com/~pgilley/freebsd/ipfw/
for more info).

the one I posted has entries to allow DNS (as the machine it's used on is a 
primary DNS server).

-- Chris
   Hallam Oaks P/L



