Error in Handbook
Chuck Swiger
cswiger at mac.com
Wed Feb 2 20:06:19 UTC 2005
Graham Dresch wrote:
> In Chapter 24 Firewalls:
>
> Section 24.6.5.7:
>
> Example ruleset #2:
>
> $cmd 020 $skip tcp from any to x.x.x.x 53 out via $pif setup keep-state
> ^^^ ^^^^^
>
> DNS uses UDP, setup is inapplicable to UDP
DNS responses which do not fit into a UDP packet are sent via TCP instead, as
are zone transfers between nameservers. DNS uses both 53/tcp and 53/udp.
--
-Chuck
More information about the freebsd-doc
mailing list