Date: Sat, 12 Nov 2005 23:38:49 -0700
From: Aaron Siegel <bulk_mail@siegel-tech.net>
To: freebsd-questions@freebsd.org
Subject: In a bit of a bind - DNS problems and ipfw
Message-ID: <200511122338.49766.bulk_mail@siegel-tech.net>
Hello
I am having problems with my FreeBSD 5.4 gateway/firewall. When I enable a
custom firewall (ipfw) or the "Simple" firewall through rc.firewall, my
clients are unable to resolve DNS, while DNS does work with the "Open" ruleset
that is provided by rc.firewall. I created the custom firewall a couple of years
ago and it worked fine under 4.11, but after the upgrade I have not been able
to get it to work.
I am sure I am doing something stupid, but I am not smart enough to solve it at
the moment.
Thank you
Aaron Siegel
Custom firewall rules
#Allow DNS
$cmd 019 allow tcp from any to any 53 out via $pif
$cmd 018 allow udp from any to any 53 out via $pif
/etc/rc.conf
gateway_enable="YES"
firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="dc0"
ifconfig_dc0="192.168.0.2" #public interface
ifconfig_fxp0="192.168.245.1 netmask 255.255.255.0" #private interface
/etc/rc.conf
I have commented out the following lines
#${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif}
