From owner-freebsd-questions Mon Sep 3 20: 1:19 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from web12002.mail.yahoo.com (web12002.mail.yahoo.com [216.136.172.210]) by hub.freebsd.org (Postfix) with SMTP id 3A9E237B406 for ; Mon, 3 Sep 2001 20:01:15 -0700 (PDT)
Message-ID: <20010904030115.2119.qmail@web12002.mail.yahoo.com>
Received: from [203.21.228.44] by web12002.mail.yahoo.com via HTTP; Tue, 04 Sep 2001 13:01:15 EST
Date: Tue, 4 Sep 2001 13:01:15 +1000 (EST)
From: Keith Spencer
Subject: ADSL + firewall IPF <- no dns or path out! Help????
To: fbsd
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi all,

More on this dilemma of mine but another aspect.
I have opened up my new firewall rules to pass in/out all for testing because I can't seem to ping out from the firewall machine and hence from any machine on my lan.

In ipf.rule I did ....

pass in quick any all
pass out quick any all

So as I read it that should open it up (wide open?)

ifconfig -a reports dhcp assigned ip and default gateway on tun0 from my adsl connection OK ...so it dialed out and authenticated fine.
But I need dns to work...it ain't!

Here are some configs....

My Resolv.conf is++++++++++++++++++++++
search smmc.qld.edu.au
nameserver 192.168.1.1 <--this is my local lan dnsserver (this machine is fine! DNS works on it OK. It is multi-homed to a routable IP and has an external isdn connection)
nameserver 61.9.128.13 <--I guess these 2 have come from the dhcp at my ISP via ADSL
nameserver 61.9.128.16
++++++++++++++++++++++++++++++++++++++++++++++

netstat -nr reports...
+++++++++++++++++++++++++++++++++++++++++++++
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            172.31.16.24       UGSc        4       56   tun0
127.0.0.1          127.0.0.1          UH          0        0    lo0
172.31.16.24       144.137.148.12     UH          4        0   tun0
192.168.1          link#1             UC          0        0    dc0 =>
+++++++++++++++++++++++++++++++++++++++++++

Where dc0 is the internal lan connection NIC 192.168.1.0/32

To me it looks OK. I can ping my 192.168.1.1 DNS server...but no go!
Frustration is starting to set in.
Any help is needed.
Advice is welcome but I have read some docs...to no avail

Keith