Date: Mon, 2 Jun 1997 21:43:39 +1000 (EST) From: Darren Reed <avalon@coombs.anu.edu.au> To: perhaps@yes.no (Eivind Eklund) Cc: Harlan.Stenn@pfcs.com, perhaps@yes.no, hackers@FreeBSD.ORG Subject: Re: Improvements to rc.firewall? Message-ID: <199706021148.EAA14857@hub.freebsd.org> In-Reply-To: <199706021036.MAA19344@bitbox.follo.net> from "Eivind Eklund" at Jun 2, 97 12:36:30 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Hmmm, ipfilter doesn't necessarily expose you to this... pass out on ppp0 proto udp from <thishost> port = 53 to any keep state (it will parse that too!) althought the timeout is not short. this will automatically let the reply packets back in. only a named should be talking to an external named so you can do filter packets to/from port 53. darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706021148.EAA14857>