IPFW and whois lookup
Nathan Kinkade
nkinkade at ub.edu.bz
Fri Jan 7 11:28:57 PST 2005
On Fri, Jan 07, 2005 at 10:23:16AM -0700, V Foulk wrote:
> Hello,
>
> I have recently setup IPFW on a test box, and
> found that (for the most part) it was pretty straight
> forward. Every rule and service on the box seems to work
> great, except for one problem I haven't been able to track
> down. Regardless of the settings, even when set to open as
> default with only the allow all from any to any rule, whois and
> hostname lookups fail.
>
> This problem prevented clamav from updating, and a whole
> slew of other minor issues that pop up in the logs. I was hoping
> someone may be able to point out something that I may have missed?
>
> When IPFW is enabled:
> When the service uses the local NS, a manual whois gives:
> whois: connect(): No route to host
>
> When the service uses the upstream NS, a manual whois gives:
> whois: com.whois-servers.net: hostname nor servname provided, or not known
>
> (NS as set in resolv.conf)
>
> The only way I can make the error 'go away' is to disable ipfw in rc.conf
> and reboot.
>
> I am certain that this is just a silly oversight on my part.
> The machine is running FreeBSD 5.2.1-RELEASE-p13, please let me know if
> there
> is any other information I can provide that will be useful. Thank you very
> much,
> in advance, for the help.
>
> VF
The output of `ipfw list` would be very helpful.
Nathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050107/71756fbb/attachment.bin
More information about the freebsd-questions
mailing list