Thanks for the reply,
# ipfw list
65535 allow ip from any to any
I did have more elaborate rule sets that worked great, with the
exception of the whois/hostname lookups.
I ran cvsup and installed world/kernel, using the same firewall rule
as above.
The problem seems to have stopped (as of this writing)
The OS is running on an old 500mhz machine, and only the RAM
is new. I had to replace the old 128MB card with a couple new ones, since
the
old card failed a memory check. Since this last recompile, all has been well
and I thank you again for your response.
VF
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Nathan Kinkade
Sent: Friday, January 07, 2005 12:29 PM
To: V Foulk
Cc: freebsd-questions@freebsd.org
Subject: Re: IPFW and whois lookup
On Fri, Jan 07, 2005 at 10:23:16AM -0700, V Foulk wrote:
Hello,
I have recently setup IPFW on a test box, and
found that (for the most part) it was pretty straight forward. Every
rule and service on the box seems to work great, except for one
problem I haven't been able to track down. Regardless of the
settings, even when set to **open as default with only the allow all
from any to any rule**, whois and hostname lookups fail.
This problem prevented clamav from updating, and a whole
slew of other minor issues that pop up in the logs. I was hoping
someone may be able to point out something that I may have missed?
When IPFW is enabled:
When the service uses the local NS, a manual whois gives:
whois: connect(): No route to host
When the service uses the upstream NS, a manual whois gives:
whois: com.whois-servers.net: hostname nor servname provided, or not
known
(NS as set in resolv.conf)
The only way I can make the error 'go away' is to disable ipfw in
rc.conf and reboot.
I am certain that this is just a silly oversight on my part. The
machine is running FreeBSD 5.2.1-RELEASE-p13, please let me know if
there is any other information I can provide that will be useful.
Thank you very much,
in advance, for the help.
VF
The output of `ipfw list` would be very helpful.
Nathan
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]