Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 9 Dec 2003 09:04:34 -0500
From:      "Thomas S. Crum - 1WISP, Inc." <tscrum@1wisp.com>
To:        "Gregory Edigarov" <greg@profi.kharkov.ua>, <freebsd-ipfw@freebsd.org>
Subject:   Re: ipfw keep-state (ASAP anwser need)
Message-ID:  <01aa01c3be5d$5ff20b80$5e01a8c0@1wispadmin>
References:  <20031209102312.GB529@profi.kharkov.ua>
next in thread | previous in thread | raw e-mail | index | archive | help 
If you are using the machine as a bridge, then you must specify the ip
address of the inside interface that you are running bind on.

Replace "me" with the ip.

Best,
Tom
----- Original Message ----- 
From: "Gregory Edigarov" <greg@profi.kharkov.ua>
To: <freebsd-ipfw@freebsd.org>
Sent: Tuesday, December 09, 2003 5:23 AM
Subject: ipfw keep-state (ASAP anwser need)


> Hello,
>
> The folowing is a fragment of my rc.firewall which must
> allow all
> traffic in and out of my named.
>
> ----
> ipfw add 4100 allow udp from me to any 53 keep-state
> ipfw add 4200 allow udp from any to me 53
> ipfw add 4300 allow udp from me 53 to any
> ---
> This is a fragment from my kernel configuration:
> ---
> options         IPFIREWALL              #firewall
> options         IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
> options         IPFIREWALL_FORWARD      #enable transparent proxy support
> options         IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
> options         IPDIVERT                #divert sockets
> options         IPSTEALTH
> options         ICMP_BANDLIM
> options         DUMMYNET
> options         BRIDGE
> options         IPFW2
> ---
> It doesn't work. What am I missing?
>
> -- 
> With best regards,
>         Gregory Edigarov
> --------------------------------------------------------------------------
----
> profi.kharkov.ua                                        Systems
Administrator
> --------------------------------------------------------------------------
----
> _______________________________________________
> freebsd-ipfw@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org"
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01aa01c3be5d$5ff20b80$5e01a8c0>