ipfw2 - too many dynamic rules
Chuck Swiger
cswiger at mac.com
Tue Oct 18 16:31:15 PDT 2005
Stec John wrote:
> I need some help with ipfw2 on my squid box
>
> I have too many dynamic rules errors for dns
> Can I insert a dns static rule into my rules (as below) and how?
[ ... ]
# allow DNS,NTP queries out in the world
add pass udp from any 1024-65535 to any 53,123
add pass udp from any 53,123 to any 1024-65535
add pass udp from any 53,123 to any 53,123
add pass tcp from me to any 53 setup keep-state
Note that you probably want to use the combination of "setup keep-state"
elsewhere in your rules, too.
--
-Chuck
More information about the freebsd-questions
mailing list