Date: Fri, 10 Nov 2000 21:48:00 +1100 From: Zero Sum <count@shalimar.net.au> To: Mike Meyer <mwm@mired.org> Cc: questions@FreeBSD.ORG Subject: Re: ipfw firewall question Message-ID: <00111021480007.00417@shalimar.net.au> In-Reply-To: <14859.46378.832801.322465@guru.mired.org> References: <14859.46378.832801.322465@guru.mired.org>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- On Friday 10 November 2000 19:43, Mike Meyer wrote: > Zero Sum <count@shalimar.net.au> types: > > I have the following ipfw firewall rules... > > > > 01100 allow udp from 198.142.161.98 to 203.2.75.132 53 out xmit tun0 > *.* > > 01200 allow udp from 198.142.161.98 to 203.2.75.108 53 out xmit tun0 > > 01300 allow udp from 203.2.75.132 53 to 198.142.161.98 in recv tun0 > > 01400 allow udp from 203.2.75.108 53 to 198.142.161.98 in recv tun0 > > > > But my log shows.... > > > > ipfw: 65435 Deny UDP 198.142.161.98:1024 202.2.75.132:53 out via tun0 > *.* > > > > The first of the DNS rules should allow any port from 198.142.161.98 to > > 203.3.75.132 port 53 should it not? > *.* > > > > What am I not understanding? > > Your understanding is right; your reading is wrong. Note the marked > digits carefully - you've got three different IP addresses there, > always with either 2s or 3s in the marked locations. > > <mike Thank you Mike. That was driving me barmy. Going blind in my old age. Just a typo... Geoff -- count@shalimar.net.au Nihil curo de ista tua stulta superstitione -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: +6A0Pgl1fr61kntoF/DPnEtOk3bIQXD1 iQA/AwUBOgvSYPh4xz7LU/evEQLRkACg/NQN/UiTFlVP9htWnotby/MvZVAAn3Zn u15x+UNK0t0ajxd24JApjD8x =f5pf -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00111021480007.00417>