Date: Sun, 8 Oct 2006 16:37:10 -0700 From: "Kian Mohageri" <kian.mohageri@gmail.com> To: "Justin Franks" <jfranks@inetassociation.com> Cc: freebsd-pf@freebsd.org Subject: Re: Need a little PF help here, please... Message-ID: <fee88ee40610081637i365b8eb8qb4827c01300040d9@mail.gmail.com> In-Reply-To: <000001c6eb31$bab05140$6401a8c0@iea4grrtmmd560> References: <000001c6eb31$bab05140$6401a8c0@iea4grrtmmd560>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/8/06, Justin Franks <jfranks@inetassociation.com> wrote: > > Have been using PF for over two years and recently ran into "problem" > which I am sure is something I am overlooking. So I need some direction. > Here it is: I recently enabled BIND9 on FreeBSD 6.1. I have PF running > too (PF config below). If I ping yahoo.com nothing happens. However, if > I comment out the PF rule "block in all" then suddenly I can ping > yahoo.com. Why will my server not resolve names (like yahoo.com) if the > "block in all" statement exists? Why does that statement mess it up? > What am I missing? Please help because I am totally frustrated. > > add 'set skip on lo' before scrub, so you can pass traffic on the loopback interface (which many things use). Also, might want to space out your pf.conf a little differently so it has some distinct sections.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fee88ee40610081637i365b8eb8qb4827c01300040d9>