Date:      28 Feb 2003 22:42:12 -0800
From:      Mark <mw@lanfear.com>
To:        Mark <mw@lanfear.com>
Cc:        questions@freebsd.org
Subject:   Re: DNS and ipfw
Message-ID:  <1046500933.10689.9.camel@donburi>
In-Reply-To: <1046497302.10689.4.camel@donburi>
References:  <1046497302.10689.4.camel@donburi>


	This is really wonky!  I've tried all sorts of variations on the
following rules:

	add pass tcp from any 53 to 10.0.0.0/24
	add pass udp from any 53 to 10.0.0.0/24
	add pass tcp from 10.0.0.0/24 to any 53
	add pass udp from 10.0.0.0/24 to any 53

	Any ideas at all?

	Thanks,
	Mark.



On Fri, 2003-02-28 at 21:41, Mark wrote:
> 
> 
> Hello!
> 
> 	I'm having a real bear of a time getting my ipfw and natd working on
> FreeBSD 4.7.
> 
> 	I've set up everything for gateway operations, ipfw, and natd, and have
> set up the firewall, and configured the addresses in /etc/rc.firewall.
> 
> 	However .... If I ever try to use 'simple', I cannot do DNS queries
> from inside my network.  My network looks like this:
> 
> 
> 	outside world -- FREEBSD Router/NATD --  internal net hub 
> 
> 	on the internal hub is a server that runs a DNS server, and all my
> other machines, all of which point their DNS at it, and it, in turn,
> points its DNS to the outside network.
> 
> 	Can somebody help me figure out some rules to allow DNS traffic from
> that one server through a "simple" firewall, and likewise, all
> replies/responses to come back to said server?
> 
> 	I've been trying all sorts of different things from Google, but nothing
> seems to quite do the trick.
> 
> 	Thanks,
> 	Mark.
> 
> 
> 
> 


