On Wed, 19 Feb 2003, Stefan Sonnenberg-Carstens wrote:

> How stupid are YOU !??!?!?

No need to insult people. The original poster chose the subject, not David.

> DNS uses tcp/53 for zone transfers regarding slave servers, not big packets !

You don't consider zone transfer large packets?

> ----- Original Message -----
> From: "David Krause" <[EMAIL PROTECTED]>
> To: "Dave Rocks" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Wednesday, February 19, 2003 3:29 PM
> Subject: Re: how stupid is this?
>
>
> > * Dave Rocks <[EMAIL PROTECTED]> [030219 04:09]:
> > > matter that I run dns & mail on my firewall. My pf rules are pretty
> > > standard, a default deny + allow in UDP on port 53 & TCP on 25.
> > > I also allow in SSH, WWW but only from my work IP address, so that
> > > shouldn't affect things & POP but only from internal hosts.
> >
> > DNS sometimes also uses TCP on port 53 for large packets, so you
> > probably want to allow that as well.
> >
> > David

Cheers,
Dries
--
Dries Schellekens
email: [EMAIL PROTECTED]
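
The two uses of TCP on port 53 discussed in this thread (retry after a truncated UDP answer, and zone transfers), as an added example that is not part of the original messages. The function names and the sample replies are constructed for illustration; the header layout, TC bit, AXFR type code and 2-byte TCP length prefix follow RFC 1035.

```python
import struct

TC_FLAG = 0x0200                # truncation bit in the DNS header flags word
QTYPE_A, QTYPE_AXFR = 1, 252    # address lookup, full zone transfer

def build_query(qname, qtype, txid=0x1234):
    """Build a minimal DNS query: 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    labels = b"".join(bytes([len(part)]) + part.encode("ascii")
                      for part in qname.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def is_truncated(udp_response):
    """True when the server set TC: the answer did not fit in the UDP reply."""
    if len(udp_response) < 12:
        raise ValueError("shorter than a DNS header")
    flags = struct.unpack("!H", udp_response[2:4])[0]
    return bool(flags & TC_FLAG)

def tcp_frame(message):
    """DNS over TCP prefixes every message with a 2-byte big-endian length."""
    return struct.pack("!H", len(message)) + message

def transport_for(qtype, udp_response=None):
    """Which transport on port 53 the firewall must let through."""
    if qtype == QTYPE_AXFR:
        return "tcp"            # zone transfers to secondaries run over TCP
    if udp_response is not None and is_truncated(udp_response):
        return "tcp"            # client repeats the same query over TCP
    return "udp"

# Constructed sample replies (header only): one with TC set, one without.
TRUNCATED_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8300, 1, 0, 0, 0)
NORMAL_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)

if __name__ == "__main__":
    query = build_query("example.com", QTYPE_A)
    for name, reply in (("normal", NORMAL_REPLY), ("truncated", TRUNCATED_REPLY)):
        print(name, "->", transport_for(QTYPE_A, reply))
    print("axfr ->", transport_for(QTYPE_AXFR))
    print("tcp frame prefix:", tcp_frame(query)[:2].hex())
```

With a default-deny ruleset that only admits UDP on port 53, both "tcp" cases above are dropped at the firewall, which is the situation the quoted advice addresses.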
