Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 18 Jan 2000 09:42:41 -0800 (PST)
From:      "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net>
To:        marius@alpha1.net (Marius Strom)
Cc:        oogali@intranova.net (Omachonu Ogali), briang@expnet.net (Brian Gallucci), isp@FreeBSD.ORG, freebsd-ipfw@FreeBSD.ORG
Subject:   Re: New Firewall
Message-ID:  <200001181742.JAA48615@gndrsh.dnsmgr.net>
In-Reply-To: <Pine.BSF.4.21.0001181028120.2429-100000@marius.org> from Marius Strom at "Jan 18, 2000 10:28:44 am"

next in thread | previous in thread | raw e-mail | index | archive | help
> Incidentally, you may want to allow (udp|tcp)/53 for DNS services inbound,
> if that's necessary. ( It's fumbled many a new FW setup )

And is often done quite wrong.  udp|tcp/53 is often used as a way around
a firewall if the rules are not written correctly.  See archive of this
and other FreeBSD mailling lists for lots of discussion about how to and
how not to do this correctly.

...[No need to quote the whole thing yet again....]


-- 
Rod Grimes - KD7CAX @ CN85sl - (RWG25)               rgrimes@gndrsh.dnsmgr.net


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001181742.JAA48615>