Hi Chuck, are you suggesting to add these dns rules on top of the existing
rules?
Can I use allow instead of pass?
- Original Message -
From: Chuck Swiger [EMAIL PROTECTED]
To: Stec John [EMAIL PROTECTED]
Cc: freebsd-questions@freebsd.org
Sent: Tuesday, October 18, 2005 12:31 PM
Subject: Re: ipfw2 - too many dynamic rules
Stec John wrote:
I need some help with ipfw2 on my squid box
I have too many dynamic rules errors for dns
Can I insert a dns static rule into my rules (as below) and how?
[ ... ]
# allow DNS,NTP queries out in the world
add pass udp from any 1024-65535 to any 53,123
add pass udp from any 53,123 to any 1024-65535
add pass udp from any 53,123 to any 53,123
add pass tcp from me to any 53 setup keep-state
Note that you probably want to use the combination of setup keep-state
elsewhere in your rules, too.
--
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]