dougb at FreeBSD.org
Thu Jul 17 23:00:04 UTC 2008
Daniel Gerzo wrote:
> Hello freebsd-net,
> would somebody more knowledgeable then I am in ip6 review this 
> small patch for /etc/rc.firewall6? May I get an approval from some
> src/ committer to commit this (please keep me in the CC: list)?
> Thank you.
>  http://cvsup.sk.freebsd.org/~danger/rc.ipfw6.diff
Looks like the right direction to go in for the DNS stuff, yes.
About the ntp stuff, 2 questions. First, you did not make the same
changes in the NTP section in the second hunk as you did in the first,
is that intentional? Second, wouldn't it be better to specify the port
number (123) on both sides? NTP uses that same port for sending and
receiving queries, and I've always built firewalls that way successfully.
This .signature sanitized for your protection
More information about the freebsd-net