How stupid are YOU!??!?!? DNS uses tcp/53 for zone transfers regarding slave servers, not big packets!

----- Original Message -----
From: "David Krause" <[EMAIL PROTECTED]>
To: "Dave Rocks" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, February 19, 2003 3:29 PM
Subject: Re: how stupid is this?

> * Dave Rocks <[EMAIL PROTECTED]> [030219 04:09]:
> > matter that I run dns & mail on my firewall. My pf rules are pretty
> > standard, a default deny + allow in UDP on port 53 & TCP on 25.
> > I also allow in SSH, WWW but only from my work IP address, so that
> > shouldn't affect things & POP but only from internal hosts.
>
> DNS sometimes also uses TCP on port 53 for large packets, so you
> probably want to allow that as well.
>
> David
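
The TCP/53 behaviour discussed in this thread, as an added example that is not part of either message: under RFC 1035 a UDP reply that does not fit is sent with the TC (truncated) bit set and the client repeats the query over TCP with a 2-byte length prefix, a retry that a ruleset passing only UDP on port 53 drops. The sample messages are constructed and the function names are hypothetical.

```python
import struct

QR_BIT = 0x8000  # header flag: message is a response
TC_BIT = 0x0200  # header flag: response was truncated (RFC 1035, section 4.1.1)

def build_query(txid, name, qtype=1):
    """Build a minimal one-question DNS query (class IN, RD set)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "response": bool(flags & QR_BIT),
            "truncated": bool(flags & TC_BIT), "answers": answers}

def needs_tcp_retry(query, udp_reply):
    """True when the UDP reply matches the query and has TC set."""
    q, r = parse_header(query), parse_header(udp_reply)
    return r["response"] and r["id"] == q["id"] and r["truncated"]

def frame_for_tcp(msg):
    """DNS over TCP prefixes each message with a 2-byte big-endian length."""
    if len(msg) > 0xFFFF:
        raise ValueError("DNS message too large for TCP framing")
    return struct.pack("!H", len(msg)) + msg

def unframe_tcp(stream):
    """Extract one length-prefixed DNS message from a TCP byte stream."""
    if len(stream) < 2:
        raise ValueError("missing length prefix")
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + length:
        raise ValueError("incomplete message")
    return stream[2:2 + length]

# Constructed samples: a TXT query and two header-only replies to it.
QUERY = build_query(0x1A2B, "example.com", qtype=16)
TRUNCATED_REPLY = struct.pack("!HHHHHH", 0x1A2B, 0x8380, 1, 0, 0, 0) + QUERY[12:]
NORMAL_REPLY = struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 0, 0, 0) + QUERY[12:]

if __name__ == "__main__":
    for label, reply in (("truncated", TRUNCATED_REPLY), ("normal", NORMAL_REPLY)):
        print(label, "-> retry over TCP/53:", needs_tcp_retry(QUERY, reply))
```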
