From: Jason Hunt
To: freebsd-questions@freebsd.org
Date: Tue, 28 Aug 2001 10:32:28 -0500
Subject: dns/fwcmd question

Greetings,

I have an internal DNS server running and I would like for DNS traffic from the Internet to be able to query for reverse lookups. The problem seems to be with my firewall rules. I have the following:

    $fwcmd add allow tcp from any to 192.168.x.x 53 setup
    $fwcmd add allow udp from any 53 to 192.168.x.x 53
    $fwcmd add allow tcp from any 53 to 192.168.x.x 53

When I run nmap, port 53 does show up, but its state is closed. I can connect to port 53 from the firewall to the internal DNS machine without a problem; somehow I am not passing requests on the outside correctly to the internal DNS.

Any help on this issue would be appreciated.
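
An added model of the three rules quoted in the message above (not part of the original post, and not ipfw's own code): it evaluates them first-match against constructed packets to show which DNS traffic they accept. It assumes anything the three rules do not match is dropped by the rest of the ruleset, which the post does not show; the `Packet` fields, the client port 40000 and the function names are illustrative.

```python
import re
from collections import namedtuple

# syn_only is True for a TCP segment with SYN set and ACK clear,
# which is what ipfw's "setup" keyword matches.
Packet = namedtuple("Packet", "proto sport dport syn_only")

# The three rules from the post, with the "$fwcmd add" prefix dropped.
RULES = [
    "allow tcp from any to 192.168.x.x 53 setup",
    "allow udp from any 53 to 192.168.x.x 53",
    "allow tcp from any 53 to 192.168.x.x 53",
]

# Simplified grammar covering only the rule shapes used in the post.
RULE_RE = re.compile(
    r"allow (?P<proto>tcp|udp) from any(?: (?P<sport>\d+))? "
    r"to \S+(?: (?P<dport>\d+))?(?P<setup> setup)?$"
)

def matches(rule, pkt):
    """Return True if pkt satisfies every condition stated in rule."""
    m = RULE_RE.match(rule)
    if m is None:
        raise ValueError("unsupported rule: " + rule)
    if m["proto"] != pkt.proto:
        return False
    if m["sport"] and int(m["sport"]) != pkt.sport:
        return False  # a port after the source address constrains the SOURCE port
    if m["dport"] and int(m["dport"]) != pkt.dport:
        return False
    if m["setup"] and not pkt.syn_only:
        return False
    return True

def first_match(pkt, rules=RULES):
    """Return the 1-based index of the first matching rule, or None."""
    for number, rule in enumerate(rules, 1):
        if matches(rule, pkt):
            return number
    return None

# Constructed packets: a resolver querying from an unprivileged port.
UDP_QUERY = Packet("udp", 40000, 53, False)    # ordinary UDP query
TCP_SYN = Packet("tcp", 40000, 53, True)       # TCP connection attempt
TCP_FOLLOWUP = Packet("tcp", 40000, 53, False) # later segment, same client
UDP_FROM_53 = Packet("udp", 53, 53, False)     # sender using source port 53

if __name__ == "__main__":
    for name in ("UDP_QUERY", "TCP_SYN", "TCP_FOLLOWUP", "UDP_FROM_53"):
        print(name, "-> rule", first_match(globals()[name]))
```

Only the TCP SYN and the packet sent from source port 53 are accepted; a rule written without a source port, such as `allow udp from any to 192.168.x.x 53`, matches the unprivileged-port query in this model.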