I would prefer you use BIND9 ACL instead of iptables. See this video for more details: https://www.youtube.com/watch?v=s3VXLIXGazM

On Thu, Sep 22, 2016 at 6:43 PM, Pol Hallen <pfsens...@fuckaround.org> wrote:
> Hi all :-)
>
> I need to create some rules to allow the BIND internal server network to make
> recursive queries: I've iptables rules but I've some problems with PF :-(
>
> Can someone "translate" these rules to pfsense?
>
> for processing DNS queries:
>
> iptables -I INPUT 1 -p tcp -m tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
> iptables -I INPUT 2 -p udp -m udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
>
> and for sending responses back to client
>
> iptables -A OUTPUT -p tcp -m tcp --sport 53:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
> iptables -A OUTPUT -p udp -m udp --sport 53:65535 --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
>
> thanks for help!
>
> Pol
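
The BIND9 ACL approach suggested in the reply, as an added example that is not part of the original thread: a named.conf fragment that limits recursion to internal clients. The ACL name "trusted-clients" and the 192.0.2.0/24 network are constructed placeholders, not values from the posts.

```conf
// Constructed example: restrict recursive service to internal clients.
// "trusted-clients" is a hypothetical ACL name; replace the placeholder
// network 192.0.2.0/24 with the real internal subnet(s).
acl "trusted-clients" {
    localhost;          // built-in ACL: addresses of this server
    192.0.2.0/24;       // placeholder for the internal LAN
};

options {
    recursion yes;

    // Only trusted clients may query, recurse, or read cached answers.
    // Everyone else is refused, so the server is not an open resolver
    // even if port 53 is reachable through the firewall.
    allow-query       { "trusted-clients"; };
    allow-recursion   { "trusted-clients"; };
    allow-query-cache { "trusted-clients"; };
};
```

Run `named-checkconf` to validate the syntax before reloading. If the same server is also authoritative for public zones, set a wider `allow-query` inside those `zone` blocks rather than loosening the global option.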