-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I should point out that there is a "workaround" - to not change the
source port
number on DNS traffic.
The fix is somewhat simple.
If you have a line like this in your ipnat.conf:
map bge0 0/0 -> 0/32 portmap tcp/udp 10000:20000
Then you need to add another one before it and reload:
map bge0 from any to any port = 53 -> 0/32 tcp/udp
map bge0 0/0 -> 0/32 portmap tcp/udp 10000:20000
Cheers,
Darren
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkiG8JUACgkQP7JIXtvLbFWcPQCgouTL5A74bORZDaQ9lLjLxoDx
eysAoJNYdXBhNQ1IjyEJwZlKEsCq897j
=HFaP
-----END PGP SIGNATURE-----
