Date: Wed, 26 Dec 2001 17:22:55 -0800 (PST) From: X Philius <xphilius@yahoo.com> To: David Wolfskill <david@catwhisker.org>, security@freebsd.org Subject: Re: Help with ipfw rules to allow DNS queries through Message-ID: <20011227012255.80858.qmail@web11805.mail.yahoo.com> In-Reply-To: <200112261952.fBQJqe207151@bunrab.catwhisker.org>
next in thread | previous in thread | raw e-mail | index | archive | help
David, I think I need to clarify the NAT setup. I have dedicated, fixed external and internal IP addresses. As far as I know our Cisco router just translates everything, without analysis, between my internal and external addresses, in both directions. I assume you were talking about the common office set up where everyone shares an internal, or an external address. Considering this, should the ruleset I posted eariler work? I am currently using an external name server for resolution, but I will be setting up named and using my own named for resolution. Jason --- David Wolfskill <david@catwhisker.org> wrote: > You mention that you're behind NAT. > > If you're also wanting to handle master (primary) or slave > (secondary) > nameservice, natd will need to be told what should happen to an > in-bound DNS query. (You may want to think about this for a little > bit.) > > Depending on what the intended destination for incoming DNS queries > is now, > this may be challenging or nearly impossible.... > > Cheers, > david __________________________________________________ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011227012255.80858.qmail>