Date: Sun, 26 Feb 2006 20:15:42 +0500
From: Roman Serbski <mefystofel@gmail.com>
To: freebsd-questions@freebsd.org
Subject: Help with IP Filter 4.1.8
Message-ID: <cca5083b0602260715w2f4a9e49o494f2f537afca2db@mail.gmail.com>
Hi all,

I am having a problem with ipf after a recent upgrade to 6.1-PRERELEASE. Any help would be greatly appreciated.

ipf: IP Filter: v4.1.8 (416)
Kernel: IP Filter: v4.1.8
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0
Feature mask: 0xa

I am trying to allow outgoing DNS requests from my server to the DNS server of the ISP. Here is my ruleset:

ipfstat -oh
0 pass out quick on lo0 from any to any
0 pass out quick on xl0 proto tcp from any to any port = domain flags S/FSRPAU keep state
1 pass out quick on xl0 proto udp from any to any port = domain keep state
0 block out log quick on xl0 all

ipfstat -ih
0 pass in quick on lo0 from any to any
0 block in quick on xl0 all

I tried `host www.google.com` and the connection timed out, although there was a hit on the rule allowing 53/udp.

The interesting thing is that there is another server running 5.3-STABLE with ipf v3.4.35 (336) and it has the same ruleset and everything is working just fine.

Thank you for your time.