Re: Issues with IPFW skipto Rule and Whitelisting Logic

From: Christos Chatzaras <chris_at_cretaforce.gr>
Date: Sun, 13 Jul 2025 23:07:09 UTC
> 
> Did you try to remove `-q` from all your scripts and see if there are errors?
> May be something in dmesg? Adding another log rules for your test IP? tcpdump?
> 
> -- 
> WBR, @nuclight

ipfw -q add 00032 count log logamount 0 ip from 175.178.0.0/16 to any

After that, I checked /var/log/security while trying to connect from 175.178.167.241 (I can only use a web interface they provide me to test the connection). During these tests, I saw DNS requests coming from 175.178.254.144 and 175.178.136.250 to port 53, which I assume are their DNS resolvers. Once I added those two IPs to table(3), I could no longer reproduce the issue. I will test again tomorrow, but I’m now quite sure the real problem was DNS resolution failing because those resolver IPs were blocked.
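The diagnostic loop described above (log the whole source range with a `count log` rule, read /var/log/security, pick out the hosts that were reaching port 53, then whitelist them in the table) can be scripted so it is not done by eye. The following is an added example and not code from the poster or from FreeBSD; the log lines are constructed in ipfw's syslog format (`ipfw: <rule> <action> <proto> <src:port> <dst:port> <dir> via <iface>`) rather than taken from the original system, the rule number 32 and whitelist table 3 are taken from the post, and the `ipfw table 3 add` commands are printed for review rather than executed. IPv4 only.

```shell
#!/bin/sh
# Constructed sample of /var/log/security lines in ipfw's syslog format.
# These are illustrative, not captured from the original poster's gateway.
SAMPLE_LOG='Jul 13 22:10:01 gw kernel: ipfw: 32 Count UDP 175.178.254.144:51022 203.0.113.10:53 in via em0
Jul 13 22:10:01 gw kernel: ipfw: 32 Count UDP 175.178.136.250:40211 203.0.113.10:53 in via em0
Jul 13 22:10:02 gw kernel: ipfw: 32 Count TCP 175.178.167.241:55123 203.0.113.10:443 in via em0
Jul 13 22:10:02 gw kernel: ipfw: 32 Count UDP 175.178.254.144:51023 203.0.113.10:53 in via em0
Jul 13 22:10:03 gw kernel: ipfw: 900 Deny UDP 198.51.100.7:33333 203.0.113.10:53 in via em0'

# Print the distinct source IPs that a given ipfw rule logged reaching a
# given destination port. Reads log lines on stdin.
#   $1 = ipfw rule number   $2 = destination port
hits_to_port() {
    awk -v rule="$1" -v port="$2" '
        {
            # Find the "ipfw:" token so the syslog prefix width does not matter.
            for (i = 1; i <= NF; i++) if ($i == "ipfw:") break
            if (i > NF || $(i+1) != rule) next
            # Fields after "ipfw:": rule, action, proto, src:sport, dst:dport
            split($(i+5), d, ":")
            if (d[2] != port) next
            split($(i+4), s, ":")
            src = s[1]
            if (!(src in seen)) { seen[src] = 1; print src }
        }'
}

# Turn an IP list (one per line on stdin) into ipfw table commands.
# Printed, not executed, so the operator can check them first.
#   $1 = table number
table_add_cmds() {
    while read -r ip; do
        printf 'ipfw table %s add %s\n' "$1" "$ip"
    done
}

# Hosts from the 175.178.0.0/16 range that rule 32 saw talking to port 53:
# with the sample above these are the two resolvers, not the web client.
resolver_ips() { printf '%s\n' "$SAMPLE_LOG" | hits_to_port 32 53; }

# Whitelist commands for table 3 (the table used in the post).
resolver_cmds() { resolver_ips | table_add_cmds 3; }

resolver_cmds
```

Against a live system, replace the `printf` of `SAMPLE_LOG` with `grep 'ipfw: 32 ' /var/log/security` and, once the printed commands look right, pipe them to `sh`. Because `count log` rules do not terminate rule processing, the rule can stay in place while testing without changing what the later `skipto` and table rules do.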