Date: Tue, 16 Apr 2002 22:39:18 -0700
From: "Crist J. Clark"
To: apache@ukr.net
Cc: isp@FreeBSD.ORG, hackers@FreeBSD.ORG
Subject: Re: ipfw fwd to named
Message-ID: <20020416223918.B59924@blossom.cjclark.org>

On Mon, Apr 15, 2002 at 07:53:01PM +0300, apache@ukr.net wrote:
> Hi.
>
> I have network interface rl0
>
> rl0: flags=8843 mtu 1500
>         inet 192.168.10.22 netmask 0xffffff00 broadcast 192.168.10.255
>         inet 192.168.10.26 netmask 0xffffffff broadcast 192.168.10.26
>         ether 00:60:52:0b:a3:0a
>         media: Ethernet autoselect (100baseTX )
>         status: active
>
> In named.conf
>
> listen-on port 2053 {
>         192.168.10.26;
> };
>
> Named works fine in JAIL
> dig -p 2053 @192.168.10.26 test.domain
>
> I want to forward all 192.168.10.22:53 queries to the jailed named.
>
> ipfw add 300 fwd 192.168.10.26,2053 udp from any to 192.168.10.22 53
> ipfw add 310 fwd 192.168.10.26,2053 tcp from any to 192.168.10.22 53
>
> When I launch dig without port options to the server 192.168.10.22 it says
> that connection refused.
>
> I did the same with sshd (put it in jail and forward its port) and
> it works fine.
>
> What's wrong?

Have you done a tcpdump(1) on the loopback to see what is going on?

  # tcpdump -ni lo0

-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org