Date: Sun, 14 Nov 2004 09:30:59 -0500 From: Chuck Swiger <cswiger@mac.com> To: Emil Khatib <fenomenoxp2@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: host name lookup failure under 4.9 Message-ID: <41976C23.2080602@mac.com> In-Reply-To: <dd999232041114061645000810@mail.gmail.com> References: <dd999232041114061645000810@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Emil Khatib wrote: [ ... ] > The firewall rules are: > > pass udp from me to any 53 keep-state > pass tcp from me to any 20 keep-state > pass tcp from me to any 21 keep-state > pass tcp from me to any 80 keep-state > > So I want to allow DNS, FTP and HTTP. Your rules aren't enough to work right; at the very least, you need a check-state rule to permit return traffic to the connections you approve of via the keep-state keyword. I suggest you examine /etc/rc.firewall carefully and look at the example rulesets there. Also, while you can use IPFW and natd in conjunction with PPP via the tun0 interface, doing so is more complicated than need be since PPP already has firewall and NAT'ing capabilities built-in. Using them directly via your ppp.conf might be easier. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?41976C23.2080602>