ipfw + named problem

From: Nick Twaddell (nick_at_webspacesolutions.com)
Date: 01/23/04

  • Next message: Nick Twaddell: "RE: ipfw + named problem" 
    To: <security@freebsd.org>
Date: Fri, 23 Jan 2004 01:47:23 -0800

    Ok, I am really stumped on this one. I setup ipfw with all my rules.
    Everything works great except for dns. If I do nslookup I get

    -su-2.05b# nslookup yahoo.com
    Server: localhost.webspacesolutions.com
    Address: 127.0.0.1

    *** localhost.webspacesolutions.com can't find yahoo.com: Non-existent
    host/domain

    This is what I have in my ipfw.rules

    add 00310 allow tcp from any to any 53 out via de0 setup keep-state
    add 00311 allow udp from any to any 53 out via de0 keep-state

    What am I missing??

    Thanks

    Nick

    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Nick Twaddell: "RE: ipfw + named problem"

    Relevant Pages

    • Re: Windows 2003 DNS: Recursive query fails when looking its own d
      ... If I do nslookup dcserver1.domain.com.au. ... As mentioned, in the DNS tab, I tried to uncheck the appending parent DNS ... suffix, but still, it does not want to stop appending the .com.au bit. ... > Notice that neither nslookup nor the DNS client will append the TLD "au" it ...
      (microsoft.public.windows.server.dns)
    • Re: Some DNS server names will not resolve using internal servers
      ... I have done all the nslookup commands. ... All of our external ISP DNS ... Is there a trace i could do on the DNS server to tell me what is happening? ...
      (microsoft.public.windows.server.dns)
    • Re: nslookup question
      ... It seems to be happening only when they first start their browser. ... DNS on the server. ... > Something you need to keep in mind; nslookup operates a bit differently for name resolution than do most other network apps. ...
      (microsoft.public.isa.clients)
    • Re: DNS or WINs issue I do not know
      ... > I wouldn't say it is a flaw if it bypasses the local DNS cache, ... Just like it does when nslookup does the reverse ... That is a flaw (perhaps not a design flaw but certainly one of presentation ... > suffix on the client, ...
      (microsoft.public.win2000.dns)
    • RE: ipfw + named problem
      ... Nick ... I setup ipfw with all my rules. ... If I do nslookup I get ... To unsubscribe, ...
      (FreeBSD-Security)