Date: Fri, 26 Jan 2001 08:08:11 +0100 (MET) From: Mark Lastdrager <mark@pine.nl> To: Peter Brezny <peter@sysadmin-inc.com> Cc: <freebsd-net@FreeBSD.ORG> Subject: Re: ipfw not allowing udp? Message-ID: <Pine.GSO.4.30.0101260806270.6031-100000@atro.pine.nl> In-Reply-To: <003601c0874f$ea8932c0$46010a0a@sysadmininc.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At Thu, 25 Jan 2001, owner-freebsd-net@FreeBSD.ORG wrote: >I have a line in my firewall config like this: > >ipfw add allow udp from any 53 to my.ns.ip.here 53 > >and was dissappointed to find that when i configured a secondary name server >to use the primary behind the firewall, it was unable to make the zone >transfers... > >have i missed something big and zone transfers require more than just port >53? I think I don't have to repeat that zonetransfers use 53/tcp ;-) What could be helpful here is to insert a rule before the default deny rule: ipfw add deny log ip from any to any This way all denies are being logged so you can see what's wrong. Mark Lastdrager -- Pine Internet BV :: tel. +31-70-3111010 :: fax. +31-70-3111011 PGP 92BB81D1 fingerprint 0059 7D7B C02B 38D2 A853 2785 8C87 3AF1 Today's excuse: The rolling stones concert down the road caused a brown out To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.30.0101260806270.6031-100000>