From owner-freebsd-questions  Wed Oct 10  0:10:33 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from falcon.mail.pas.earthlink.net (falcon.mail.pas.earthlink.net [207.217.120.74])
	by hub.freebsd.org (Postfix) with ESMTP id 5F64937B40B
	for <freebsd-questions@FreeBSD.ORG>; Wed, 10 Oct 2001 00:10:28 -0700 (PDT)
Received: from blossom.cjclark.org (dialup-209.245.138.251.Dial1.SanJose1.Level3.net [209.245.138.251])
	by falcon.mail.pas.earthlink.net (8.11.5/8.9.3) with ESMTP id f9A7AE309256;
	Wed, 10 Oct 2001 00:10:15 -0700 (PDT)
Received: (from cjc@localhost)
	by blossom.cjclark.org (8.11.6/8.11.3) id f9A7ABT02561;
	Wed, 10 Oct 2001 00:10:11 -0700 (PDT)
	(envelope-from cjc)
Date: Wed, 10 Oct 2001 00:10:11 -0700
From: "Crist J. Clark" <cristjc@earthlink.net>
To: freebsd-questions@FreeBSD.ORG
Cc: leblanc+freebsd@acadia.ne.mediaone.net
Subject: Re: ipfw question - hostname/address spec?
Message-ID: <20011010001011.F387@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu
References: <20011004071834.A2458@acadia.ne.mediaone.net> <20011004135129.E297@blossom.cjclark.org> <20011009005629.D589@acadia.ne.mediaone.net> <20011009035651.N350@blossom.cjclark.org> <20011009145144.C64668@acadia.ne.mediaone.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20011009145144.C64668@acadia.ne.mediaone.net>; from leblanc+freebsd@acadia.ne.mediaone.net on Tue, Oct 09, 2001 at 02:51:45PM -0400
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Tue, Oct 09, 2001 at 02:51:45PM -0400, Louis LeBlanc wrote:
> On 10/09/01 03:56 AM, Crist J. Clark sat at the `puter and typed:
> > [snip]
> > 
> > /etc/rc.firewall would be good.
> 
> Ok, you asked for it . . .

[snip]

> > If DNS works fine once the system is up, but doesn't work when running
> > the rc.firewall script, it sure sounds like you are killing your own
> > lookups due to the rule ordering.
> 
> It doesn't work at all.  Not even via direct IP.

Hmmm?

> Thanks for your help.  I'm sure to learn something useful in all this.
> Which is the point, I guess.

[snip]

I can't reproduce the problem and it does look like DNS lookups should
be working by the time the SMTP and NNTP rules are reached. I'm not
sure what is happening here. You could try adding some logging to see
what is going on in the ruleset. It also may be some other strange DNS
interaction.
-- 
Crist J. Clark                           cjclark@alum.mit.edu
                                         cjclark@jhu.edu
                                         cjc@freebsd.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message