From owner-freebsd-net Fri Feb 2 13:24:35 2001 Delivered-To: freebsd-net@freebsd.org Received: from virtual2.sysadmin-inc.com (unknown [209.16.228.145]) by hub.freebsd.org (Postfix) with SMTP id B002637B401 for ; Fri, 2 Feb 2001 13:24:16 -0800 (PST) Received: (qmail 4356 invoked by alias); 2 Feb 2001 21:24:15 -0000 Received: from unknown (HELO wkst) (10.10.1.70) by ssl.sysadmin-inc.com with SMTP; 2 Feb 2001 21:24:15 -0000 Reply-To: From: "Peter Brezny" To: Subject: ipfw not allowing dns traffic Date: Fri, 2 Feb 2001 16:23:22 -0500 Message-ID: <000801c08d5e$5f4259c0$46010a0a@sysadmininc.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I thought I had everything. # Allow DNS traffic from internet to query your DNS (for reverse # lookups etc). $fwcmd add allow tcp from any 53 to $ns1 53 setup $fwcmd add allow udp from any 53 to $ns1 53 $fwcmd add allow udp from $ns1 53 to any 53 but nslookup's fail from outside the firewall on another machine in nslookup with server set to my firewall machine. What have i missed? Peter Brezny SysAdmin Services Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message