From owner-freebsd-questions Thu Dec 20 14: 7:36 2001 Delivered-To: freebsd-questions@freebsd.org Received: from lucifer.velosystems.net (cx144844-b.pv1.ca.home.com [24.9.137.174]) by hub.freebsd.org (Postfix) with ESMTP id B0F1237B405 for ; Thu, 20 Dec 2001 14:07:32 -0800 (PST) Received: from jeeves.velosystems.net (jeeves.velosystems.net [192.168.1.6]) by lucifer.velosystems.net (Postfix) with SMTP id 3C2F372684; Thu, 20 Dec 2001 14:07:32 -0800 (PST) Date: Thu, 20 Dec 2001 14:07:32 -0800 From: Steve Wingate To: "Dustin Puryear" Cc: freebsd-questions@freebsd.org Subject: Re: Firewall question for public DNS server Message-Id: <20011220140732.4f206f64.steve@velosystems.net> In-Reply-To: References: Organization: Velosystems X-Mailer: Sylpheed version 0.6.6 (GTK+ 1.2.9; i386--freebsd4.4) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 19 Dec 2001 22:52:33 -0600 "Dustin Puryear" wrote: > I am having problems configuring a FreeBSD 4.4-RELEASE firewall to allow a > DNS server to work. When I say "work" I mean it is unable to resolve names. > Instead, it just times out. Please note that we are using static NAT. Also, > the DNS server is NOT located on the firewall. (On a related note, if I run > a DNS server on the firewall it works.) The DNS server does have a public IP > address via the static NAT mapping, but I would think it should work > regardless. At least, for resolving names. I use ipfilter, not ipfw, but I didn't think you used NAT if you have public IPs. I think ipfilter's bimap function took care of it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message