Imre Oolberg wrote:
Hallo!
I am observing seemingly perplexing problem on OpenBSD 4.1 firewall.
Some dns queries work from behind firewall towards internet and others
doesnt. For example doesnt work query which has a big response of TXT data.
If someone could explain to me where to look to or what to tune to
regain those packages which seem to be lost somewhere between pf and
interface.
how about providing a bit more information? such as more of pf.conf than
just 2 lines; there's nothing mentioned about dns there.
my guess based on the information you've not provided is that you're
only passing UDP DNS & not TCP DNS appropriately.
cheers, scorch
