Date: Tue, 16 Apr 2002 22:41:12 -0700 (PDT)
From: Tom Samplonius
To: apache@ukr.net
Cc: isp@freebsd.org
Subject: Re: ipfw fwd to named
In-Reply-To: <200204160733.g3G7Xb9Q012912@server1.office.bezpeka.net>

On Tue, 16 Apr 2002 apache@ukr.net wrote:

> > do you have a loopback route at the host environment like:
> > 192.168.10.26 127.0.0.1 UGHS 3 4497 lo0
> >
> > at my side that was the problem (and this route is never mentioned at the
> > jail-man page...( )
>
> It didn't help. As I've told, I can ``dig -p 2053 ...'',
> but without port option forwarding doesn't work.

I'm not sure why you want to do this, but "fwd" simply directs the packet to a specific port. It doesn't alter the packet, so the application must understand what to do with it. named will simply drop packets coming from an IP that it didn't bind to.

You probably want to do a form of NAT, so the source and destination IPs are translated prior to directing the packets to named. Basically, so the destination IP is translated to the IP you are forwarding it to, and reversed on reply traffic.

However, that seems like a lot of overhead. Much better to get DNS traffic to go direct.

Tom