Date: Sat, 20 Dec 2003 23:34:31 +0200 From: bonifaktuura@inbox.lv To: freebsd-security@FreeBSD.ORG Subject: Re: Configuring JAIL to bind on lo0 interface Message-ID: <1071956071.3fe4c0675e36f@www2.inbox.lv> In-Reply-To: <200312191920.39141.mkenyeres@konvergencia.hu> References: <20031219162648.GA76539@blurp.one.pl> <20031219193645.759a4dbe.list@ostankino.ru> <20031219164713.GA76661@blurp.one.pl> <200312191920.39141.mkenyeres@konvergencia.hu>
index | next in thread | previous in thread | raw e-mail
> so allow rules will look something along the lines of: > > pass in quick on fxp0 proto tcp from any to 127.0.0.53 port = 1053 flags S > keep state > pass in quick on fxp0 proto udp from any to 127.0.0.53 port = 1053 keep > state well, in case if he has block by default policy he will need smth like this, too: pass out quick on fxp0 proto tcp from 127.0.0.53 to any port = 53 flags S keep state pass out quick on fxp0 proto udp from 127.0.0.53 to any port = 53 keep state and changing 'any' to dns servers he's using as masters is good idea. p. This message contains no viruses. Guaranteed by Kaspersky Anti-Virus. http://www.antivirus.lvhelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1071956071.3fe4c0675e36f>