Date: Sat, 10 Jun 2000 13:37:26 -0400 (EDT) From: Andy Dills <andy@xecu.net> To: "purpledreams.com system administrator" <super@purpledreams.com> Cc: cjclark@alum.mit.edu, freebsd-ipfw@FreeBSD.ORG Subject: Re: Hijacking DNS with ipfw Message-ID: <Pine.GSO.4.21.0006101335160.18010-100000@shell.xecu.net> In-Reply-To: <001201bfd2fb$971c45e0$a3337218@purpledreams.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 10 Jun 2000, purpledreams.com system administrator wrote: > I think that you will still need natd or something similiar, as ipfw > doesn't change the packets, and natd does, exactly as you describe > above. The problem is how to make the redirection occur for _any_ > connection attempt to port 53, instead of merely redirecting port 53 > attempts to known IPs. Well, to provide more input, I did this: I set up apache on this box, running on the standard port 80. I did a: ipfw add 200 fwd 127.0.0.1,80 tcp from any to any 80 recv xl1 And guess what...it worked perfectly. So, I'm growing closer to assuming this is a named issue. I'm considering trying out tinydns from bernstien, to see what happens with that. Andy xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Andy Dills 301-682-9972 Xecunet, LLC www.xecu.net xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Dialup * Webhosting * E-Commerce * High-Speed Access To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.21.0006101335160.18010-100000>