Date: Tue, 18 Oct 2005 19:31:14 -0400
From: Chuck Swiger <cswiger@mac.com>
To: Stec John <stecjohn2005@mail.ws>
Cc: freebsd-questions@freebsd.org
Subject: Re: ipfw2 - too many dynamic rules
Message-ID: <435585C2.6040006@mac.com>
In-Reply-To: <00ca01c5d428$ec7b6fa0$df010a0a@csl.ws>
References: <00ca01c5d428$ec7b6fa0$df010a0a@csl.ws>

Stec John wrote:
> I need some help with ipfw2 on my squid box
>
> I have too many dynamic rules errors for dns
> Can I insert a dns static rule into my rules (as below) and how?
[ ... ]

# allow DNS,NTP queries out in the world
add pass udp from any 1024-65535 to any 53,123
add pass udp from any 53,123 to any 1024-65535
add pass udp from any 53,123 to any 53,123
add pass tcp from me to any 53 setup keep-state

Note that you probably want to use the combination of "setup keep-state" elsewhere in your rules, too.

-- 
-Chuck
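
What the four rules in the message above match, as an added example that is not part of the original message: a small Python model of first-match evaluation that covers only the syntax these rules use. The host address ME, the packet dictionaries and the function names are assumptions made for the illustration; this is not ipfw code.

```python
RULES = """\
add pass udp from any 1024-65535 to any 53,123
add pass udp from any 53,123 to any 1024-65535
add pass udp from any 53,123 to any 53,123
add pass tcp from me to any 53 setup keep-state
"""
ME = "192.0.2.10"  # assumption: this host's address (documentation range)

def parse_ports(spec):
    """'53,123' or '1024-65535' -> list of inclusive (low, high) ranges."""
    pairs = (part.partition("-") for part in spec.split(","))
    return [(int(lo), int(hi or lo)) for lo, _, hi in pairs]

def parse_rule(line):
    """Parse 'add pass PROTO from ADDR [PORTS] to ADDR [PORTS] [OPTIONS]'."""
    tok = line.split()
    if tok[:2] != ["add", "pass"] or tok[3] != "from":
        raise ValueError(f"unsupported rule: {line}")
    rule, i = {"proto": tok[2]}, 4
    for side in ("src", "dst"):
        rule[side], rule[side + "_ports"] = tok[i], None
        i += 1
        if i < len(tok) and tok[i][0].isdigit():
            rule[side + "_ports"] = parse_ports(tok[i])
            i += 1
        if side == "src":
            i += 1  # skip the "to" keyword
    rule["options"] = tok[i:]
    return rule

def matches(rule, pkt):
    def addr_ok(spec, addr):
        return spec == "any" or (spec == "me" and addr == ME)
    def port_ok(ranges, port):
        return ranges is None or any(lo <= port <= hi for lo, hi in ranges)
    if rule["proto"] != pkt["proto"]:
        return False
    if "setup" in rule["options"] and pkt.get("flags") != "S":
        return False  # "setup" matches only SYN without ACK
    return (addr_ok(rule["src"], pkt["src"]) and addr_ok(rule["dst"], pkt["dst"])
            and port_ok(rule["src_ports"], pkt["sport"])
            and port_ok(rule["dst_ports"], pkt["dport"]))

def evaluate(pkt):
    """First match wins. Returns (position in RULES or None, adds dynamic rule?)."""
    for n, line in enumerate(RULES.splitlines(), 1):
        rule = parse_rule(line)
        if matches(rule, pkt):
            return n, "keep-state" in rule["options"]
    return None, False
```

evaluate() takes a packet as a dict with proto, src, sport, dst, dport and, for TCP, flags ("S" for a bare SYN). The UDP rules pass on port numbers alone and so add no dynamic rule, while the TCP rule with keep-state does.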