Date: Mon, 06 Nov 2017 11:33:50 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 74610] Hostname resolution failure causes firewall rules to stop loading Message-ID: <bug-74610-8-fYH5aBMn14@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-74610-8@https.bugs.freebsd.org/bugzilla/> References: <bug-74610-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=74610 Eugene Grosbein <eugen@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|freebsd-bugs@FreeBSD.org |eugen@freebsd.org CC| |eugen@freebsd.org Status|In Progress |Closed Resolution|--- |Works As Intended --- Comment #4 from Eugene Grosbein <eugen@freebsd.org> --- DNS service is started way later that firewall configuration happens, so it is error of administrator to rely on it in the ipfw ruleset processed at boot time. There are several ways to make it right, though: - for simple cases, just add an IP address to /etc/hosts; - for more correct behaviour, use ipfw table instead of direct FQDN usage: ipfw table 1 create type addr ipfw add allow ip from 'table(1)' to any Then create rcNG startup script requiring "named" service (or local_unbound etc.) that would populate table with all addresses of needed FQDN later when DNS resolution service is running. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-74610-8-fYH5aBMn14>