Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 7 Jan 2005 13:28:52 -0600
From:      Nathan Kinkade <nkinkade@ub.edu.bz>
To:        V Foulk <kaosent@kewd.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: IPFW and whois lookup
Message-ID:  <20050107192851.GK3639@gentoo-npk.bmp.ub>
In-Reply-To: <000401c4f4dd$953bcad0$68bbbbc0@kewdaeahnhd04i>
References:  <000401c4f4dd$953bcad0$68bbbbc0@kewdaeahnhd04i>
next in thread | previous in thread | raw e-mail | index | archive | help 

--2XUWoe1nmt7t49kG
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jan 07, 2005 at 10:23:16AM -0700, V Foulk wrote:
> Hello,
>=20
> 	I have recently setup IPFW on a test box, and
> found that (for the most part) it was pretty straight
> forward.  Every rule and service on the box seems to work
> great, except for one problem I haven't been able to track
> down.  Regardless of the settings, even when set to open as
> default with only the allow all from any to any rule, whois and
> hostname lookups fail.
>=20
> 	This problem prevented clamav from updating, and a whole=20
> slew of other minor issues that pop up in the logs.  I was hoping
> someone may be able to point out something that I may have missed?
>=20
> When IPFW is enabled:
> When the service uses the local NS, a manual whois gives:
> whois: connect(): No route to host
>=20
> When the service uses the upstream NS, a manual whois gives:
> whois: com.whois-servers.net: hostname nor servname provided, or not known
>=20
> (NS as set in resolv.conf)
>=20
> The only way I can make the error 'go away' is to disable ipfw in rc.conf
> and reboot.
>=20
> I am certain that this is just a silly oversight on my part.
> The machine is running FreeBSD 5.2.1-RELEASE-p13, please let me know if
> there
> is any other information I can provide that will be useful. Thank you very
> much,
> in advance, for the help.
>=20
> VF

The output of `ipfw list` would be very helpful.

Nathan

--2XUWoe1nmt7t49kG
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFB3uLzO0ZIEthSfkkRAu5PAJ40sod5QUFVwft9mDUFLAEYCcMXRACggxkv
lRxC1psyQF5RXySfpWNdWmI=
=yJqa
-----END PGP SIGNATURE-----

--2XUWoe1nmt7t49kG--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050107192851.GK3639>