From owner-freebsd-net Fri Feb 2 9:36:36 2001 Delivered-To: freebsd-net@freebsd.org Received: from virtual2.sysadmin-inc.com (unknown [209.16.228.145]) by hub.freebsd.org (Postfix) with SMTP id 2BB7C37B6A7 for ; Fri, 2 Feb 2001 09:36:19 -0800 (PST) Received: (qmail 3249 invoked by alias); 2 Feb 2001 17:36:18 -0000 Received: from unknown (HELO wkst) (10.10.1.70) by ssl.sysadmin-inc.com with SMTP; 2 Feb 2001 17:36:18 -0000 Reply-To: From: "Peter Brezny" To: Subject: ipfw and dns Date: Fri, 2 Feb 2001 12:35:29 -0500 Message-ID: <001701c08d3e$892a1860$46010a0a@sysadmininc.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Is this all i need to allow dns queries from the outside world? $fwcmd add allow tcp from any 53 to $ns1 53 i'm using ipfw and $ns1 just happens to be the same machine as the firewall. it's 4.2-stable (as of two days ago) and now it appears that an outsidemachine can's perform an nslookup using my box as the server to do the queries on. TIA Peter Brezny SysAdmin Services Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message