> To make this a yes or no perhaps makes sense.
> Is the following ruleset (in principle) enough for access to a dns server
> behind a pf firewall?
> pass in on xl0 inet proto {tcp, udp} from any to any port 53 keep state
Add:
pass out on xl1 inet proto {tcp, udp} from any to any port 53 keep state
and it will work.
--
H�lio Alexandre Lopes Loureiro [[EMAIL PROTECTED]]
Regional Software Supply & Integration
South America
Tel.: + 55 11 6224-1795
Public Key ID: FB5972D1@http://search.keyserver.net
