Help with IP Filter 4.1.8
Roman Serbski
mefystofel at gmail.com
Sun Feb 26 07:15:43 PST 2006
Hi all,
I am having a problem with ipf after a recent upgrade to 6.1-PRERELEASE.
Any help would be greatly appreciated.
ipf: IP Filter: v4.1.8 (416)
Kernel: IP Filter: v4.1.8
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0
Feature mask: 0xa
I am trying to allow outgoing DNS requests from my server to the DNS
server of the ISP. Here is my ruleset:
ipfstat -oh
0 pass out quick on lo0 from any to any
0 pass out quick on xl0 proto tcp from any to any port = domain flags S/FSRPAU keep state
1 pass out quick on xl0 proto udp from any to any port = domain keep state
0 block out log quick on xl0 all
ipfstat -ih
0 pass in quick on lo0 from any to any
0 block in quick on xl0 all
I tried `host www.google.com` and the connection timed out,
although there was a hit on a rule allowing 53/udp.
The interesting thing is that there is another server running
5.3-STABLE with ipf v3.4.35 (336) and it has the same ruleset and
everything is working just fine.
Thank you for your time.