From owner-freebsd-questions Thu Feb 3 5:41:49 2000 Delivered-To: freebsd-questions@freebsd.org Received: from alphazed.com (magrathea.alphazed.com [209.181.49.240]) by builder.freebsd.org (Postfix) with SMTP id 9F7CE4379 for ; Thu, 3 Feb 2000 05:41:46 -0800 (PST) Received: (qmail 18467 invoked from network); 3 Feb 2000 13:41:49 -0000 Received: from overload.foresight.co.uk (HELO zinger.uk.alphazed.com) (212.125.93.19) by magrathea.alphazed.com with SMTP; 3 Feb 2000 13:41:49 -0000 Received: (qmail 9902 invoked by uid 1000); 3 Feb 2000 13:41:14 -0000 Date: Thu, 3 Feb 2000 13:41:13 +0000 From: daniel lawrence To: freebsd-questions@freebsd.org Subject: ypbind and ipfw Message-ID: <20000203134113.P520@alphazed.com> Reply-To: danny@AlphaZed.com Mail-Followup-To: freebsd-questions@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.3i Organization: AlphaZed, Ltd Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I am trying to configure NIS on a host configured with anti-spoofing ipfw rules. This host is the domain master server and I want it to bind to itself. It looks like it is sending a broadcast on the ethernet interface looking for a portmapper. But this broadcast is being blocked by ipfw. When I open up ipfw the system binds to itself right away. The rule which is causing trouble is: 01300 deny log ip from 10.0.0.236 to any in recv pn0 The intention, of course, is to block spoofs, but it is also blocking its own broadcasts. Is there a better way to code the ipfw rules? Is there a better way to get ypbind to bind to localhost? -- daniel lawrence AlphaZed, Ltd mailto:danny@AlphaZed.com http://www.AlphaZed.com +44 (0)1322 410 419 London To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message