Date: Mon, 27 Feb 2006 16:57:04 +0200 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Roman Serbski <mefystofel@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Help with IP Filter 4.1.8 Message-ID: <20060227145704.GA38009@flame.pc> In-Reply-To: <20060227145011.GA37745@flame.pc> References: <cca5083b0602260715w2f4a9e49o494f2f537afca2db@mail.gmail.com> <4402232A.8010908@locolomo.org> <cca5083b0602270548s4147d332v5df89fdb9a0b7ccd@mail.gmail.com> <20060227145011.GA37745@flame.pc>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2006-02-27 16:50, Giorgos Keramidas <keramida@ceid.upatras.gr> wrote: > It looks like the stateful rule didn't succeed in creating a state for > the outgoing UDP packet: > > pass out quick on lo0 from any to any > pass out quick on xl0 proto tcp from any to any port = domain flags S/FSRPAU keep state > => pass out quick on xl0 proto udp from any to any port = domain keep state > block out log quick on xl0 all > > I'm not sure why this would happen though. One reason why this could fail is that the xl0 interface is not part of the route to your ISP's DNS servers. How many interfaces does the system have? Is xl0 in the path to your ISP's router?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060227145704.GA38009>