In a bit of a bind - DNS problems and ipfw

Aaron Siegel bulk_mail at siegel-tech.net
Sun Nov 13 06:26:39 GMT 2005


Hello

I am having problems with my FreeBSD 5.4 gateway/firewall. When I enable a
custom firewall (ipfw) or the "Simple" firewall through rc.firewall, my
clients are unable to resolve DNS, while DNS does work with the "Open" ruleset
that is provided by rc.firewall. I created the custom firewall a couple of years
ago and it worked fine under 4.11, but after the upgrade I have not been able
to get it to work.

I am sure I am doing something stupid, but I am not smart enough to solve it at
the moment.

Thank you 
Aaron Siegel

Custom firewall rules
#Allow DNS 
$cmd 019 allow tcp from any to any 53 out via $pif
$cmd 018 allow udp from any to any 53 out via $pif

/etc/rc.conf
gateway_enable="YES"
firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="dc0"

ifconfig_dc0="192.168.0.2"  #public interface  
ifconfig_fxp0="192.168.245.1 netmask 255.255.255.0" #private interface

/etc/rc.conf
I have commented out the following lines
 #${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif}

       

