Date:      Wed, 6 Jan 1999 04:34:39 -0800 (PST)
From:      Mike Meyer <mwm@phone.net>
To:        Yusuf Goolamabbas <yusufg@huge.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: How to allow incoming DNS via 'client' prof in rc.firewall
Message-ID:  <Pine.BSF.4.05.9901060423280.25797-100000@guru.phone.net>
In-Reply-To: <19990106121751.23171.qmail@yusufg.portal2.com>



On 6 Jan 1999, Yusuf Goolamabbas wrote:
> I read further in rc.firewall and came across "simple" profile
> 
> I copied the following line to just after allow setup of incoming mail 
> in "client" profile
> /sbin/ipfw add pass tcp from any to ${ip} 53 setup
> 
> Rebooted. Same query from external host. Again failure
> 
> I can only get the query answered by keeping firewall type as open
> 
> Can anybody tell me how I can allow access to my DNS from outside
> whilst having all the features of the "client" profile in rc.firewall

You need to allow both incoming and outgoing packets, and for udp, not
tcp. Try:

	/sbin/ipfw add pass udp from any to ${ip} 53
	/sbin/ipfw add pass udp from ${ip} to any 53

	<mike
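
An added illustration, not part of the original message or of rc.firewall: a small Python model of stateless first-match filtering that evaluates the three rules quoted in this thread against constructed DNS packets, showing which rule (if any) each packet hits. The addresses, port numbers and the final default deny are assumptions made for the example.

```python
# Added illustration: first-match evaluation of the three ipfw rules quoted in the thread.
# Assumptions: constructed addresses/ports, and a default deny when no rule matches.
from typing import NamedTuple, Optional

IP = "192.0.2.10"        # stands in for ${ip} (documentation address)
REMOTE = "198.51.100.7"  # constructed external host

class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False    # TCP connection-opening segment, what "setup" matches

class Rule(NamedTuple):
    text: str
    proto: str
    src: str             # "any" or an address
    sport: Optional[int] # None means any port
    dst: str
    dport: Optional[int]
    setup: bool = False

    def matches(self, p: Packet) -> bool:
        return (self.proto == p.proto
                and self.src in ("any", p.src)
                and self.dst in ("any", p.dst)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport)
                and (not self.setup or p.syn))

def verdict(rules, p):
    """Return the text of the first rule that passes p, or 'deny' (assumed default)."""
    for r in rules:
        if r.matches(p):
            return r.text
    return "deny"

TCP_RULE = Rule("pass tcp from any to ${ip} 53 setup", "tcp", "any", None, IP, 53, True)
UDP_IN = Rule("pass udp from any to ${ip} 53", "udp", "any", None, IP, 53)
UDP_OUT = Rule("pass udp from ${ip} to any 53", "udp", IP, None, "any", 53)
QUERY_IN = Packet("udp", REMOTE, 40000, IP, 53)   # external host queries our server
QUERY_OUT = Packet("udp", IP, 40001, REMOTE, 53)  # our host queries a remote server
REPLY_OUT = Packet("udp", IP, 53, REMOTE, 40000)  # our server answers QUERY_IN
TCP_SYN = Packet("tcp", REMOTE, 40002, IP, 53, syn=True)

if __name__ == "__main__":
    for p in (QUERY_IN, QUERY_OUT, REPLY_OUT, TCP_SYN):
        print(p, "->", verdict([TCP_RULE, UDP_IN, UDP_OUT], p))
```

In this model the reply leaving ${ip} from source port 53 matches none of the three rules, so whether it gets out depends on the other rules in the profile. On a live host, `ipfw show` prints per-rule packet counters that tell you which rule a query or reply actually hit.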

