From owner-freebsd-ipfw@FreeBSD.ORG Fri May 20 13:50:37 2005 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 92D0A16A4CE for ; Fri, 20 May 2005 13:50:37 +0000 (GMT) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id C20BC43D9C for ; Fri, 20 May 2005 13:50:36 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from localhost (localhost [127.0.0.1]) by pi.codefab.com (Postfix) with ESMTP id 0AA355DA4; Fri, 20 May 2005 09:50:36 -0400 (EDT) Received: from pi.codefab.com ([127.0.0.1]) by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 23569-04; Fri, 20 May 2005 09:50:35 -0400 (EDT) Received: from [192.168.1.3] (pool-68-161-53-96.ny325.east.verizon.net [68.161.53.96]) by pi.codefab.com (Postfix) with ESMTP id 0EC375CAF; Fri, 20 May 2005 09:50:34 -0400 (EDT) Message-ID: <428DEB28.5030505@mac.com> Date: Fri, 20 May 2005 09:50:32 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.7) Gecko/20050414 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Stephane Raimbault References: <39F3A41D-9555-452F-8B41-3EA03E1AC460@enertiasoft.com> <1116435784.34699.23.camel@jose> <5D5EFEE7-F123-43CB-A40E-7FF7EAF03C07@enertiasoft.com> In-Reply-To: <5D5EFEE7-F123-43CB-A40E-7FF7EAF03C07@enertiasoft.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at codefab.com cc: freebsd-ipfw@freebsd.org Subject: Re: named error sending response: permision denied X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 May 2005 13:50:37 -0000 Stephane Raimbault wrote: > Does anyone have any further thoughts on this, or could maybe point me > in a direction that could help me solve the problem? Take a look at "ipfw -a l", and see which rules are being matched. The output from that command is critical for understanding what the firewall is actually doing, and should help you figure out what is going on. [1] Do these make your DNS work better: ipfw add 1 pass udp from any to any 53 ipfw add pass udp from any 53 to any ...? These rules are too open, and should just be used for testing, but you can see if the problem is with the firewall rules you have now, and adjust things from there. -- -Chuck [1]: It would also help *us* figure out what the issue is. If you still need help after this, providing more info would be useful.