Date: Mon, 29 Oct 2001 09:00:05 -0600 From: Henrik Hudson <lists@rhavenn.net> To: "Ben Witkowski" <ben@alohagrowers.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: Firewall on 4.4 Message-ID: <200110301456.f9UEt4l29746@ashram.rhavenn.net> In-Reply-To: <DBEEJCFFMKHFOCLJLKFBGEJGCAAA.ben@alohagrowers.com> References: <DBEEJCFFMKHFOCLJLKFBGEJGCAAA.ben@alohagrowers.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You have of course modifed /etc/rc.firewall and the "simple" section for your specific setup, right? Basic DNS queries run over UDP if I remember correctly, so I would start by checking your setup in /etc/rc.firewall and making sure both interfaces are being allowed in/out, etc... Henrik On Monday 29 October 2001 02:42, Ben Witkowski wrote: > FreeBSD firewall.unitedglobaltrading.com 4.4-STABLE FreeBSD 4.4-STABLE #2: > Thu Sep 27 18:02:08 PDT 2001 > ben@firewall.unitedglobaltrading.com:/usr/obj/usr/src/sys/FIREWALL i386 > > i've installed a primary dns server on the above machine. > > the firewall is running "open", as "simple" type doesn't allow tcp traffic > through..we still don't know why.. > > the main question/problem is the name server. > it resolves hostnames fine on the internal network, but not on the outside > interface. is there some firewall config to allow the name server to send > and receive queries from ports other than 53? or should i consider > re-configuring bind to revert to its old behavior with the query-source > substatement? or is there any other know config elsewhere that might be > causing this? > > much appreciation.. > > -ben > aloha, oregon > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message -- Henrik Hudson lists@rhavenn.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110301456.f9UEt4l29746>