From owner-freebsd-questions Wed Aug 11 14:43: 5 1999 Delivered-To: freebsd-questions@freebsd.org Received: from gateway.ciminot.com (gateway.ciminot.com [208.149.231.26]) by hub.freebsd.org (Postfix) with ESMTP id 9A7F6155E8 for ; Wed, 11 Aug 1999 14:42:56 -0700 (PDT) (envelope-from dave@ciminot.com) Received: from dave ([192.168.200.15]) by gateway.ciminot.com (8.9.1/8.9.1) with SMTP id QAA00522; Wed, 11 Aug 1999 16:39:50 -0500 (CDT) (envelope-from dave@ciminot.com) From: "David B. Aas" To: "'Oscar Bonilla'" Cc: Subject: RE: FW: Need consulting help with v3.2 firewall Date: Wed, 11 Aug 1999 16:41:14 -0500 Message-ID: <000f01bee442$3cf646e0$0fc8a8c0@dave.ciminot.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <19990805154536.A885@fisicc-ufm.edu> X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Once again, Oscar you helped me out! Thanks for the assistance. I cleaned up my rules, and set up the logging. That helped lots. My rules had some problems with UDP from the internal net. I fixed those. I set up a rule to allow all from any to any and ran my POP3 client on my network workstations. It still does not work. I am thinking that it is something to do with my DNS. My console still gives me an error message "servername popper[number]:(v2.53) unable to get canonical name of client, err=0" Should I post my DNS settings? I have checked them over several times, and don't see anything wrong. I had it set for a secondary DNS server, and I changed it to a caching DNS server as a troubleshooting technique. I am following the discussion in "The Complete FreeBSD". Am I missing something? Dave Aas dave@ciminot.com > > I would suggest deleting all rules and leaving just the natd stuff (if > you need it) and an allow ip from any to any. See if that works (also > try ping). If it doesn't you've crossed out the ruleset as a possible > cause of trouble. Something else is misconfigured. If it does work, > change the ruleset to deny ip from any to any and slowly start adding > rules until you have everything working. > > Regards, > > -Oscar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message