Re: ipfw confusion

2013-08-22 Thread Gary Aitken
On 08/20/13 12:41, Dan Lists wrote: > You might turn on logging and post the logs of what is being blocked. > Sometimes things are being blocked by rules you do not expect. Thanks for the suggestion. I was seeing refusals from named and mistakenly interpreting them as ipfw issues. > On Mon, Aug

Re: ipfw confusion

2013-08-20 Thread Dan Lists
You might turn on logging and post the logs of what is being blocked. Sometimes things are being blocked by rules you do not expect. On Mon, Aug 19, 2013 at 4:18 PM, Gary Aitken wrote: > On 08/19/13 00:36, Jason Cox wrote: > > Are you sure that your DNS requests are over TCP? DNS primarily uses

Re: ipfw confusion

2013-08-19 Thread Gary Aitken
On 08/19/13 00:36, Jason Cox wrote: > Are you sure that your DNS requests are over TCP? DNS primarily uses UDP to > serve requests. TCP is used when the response data size exceeds 512 bytes > (I think), or for tasks such as zone transfers. I know a few resolver > implementations use TCP for all que

Re: ipfw confusion

2013-08-19 Thread Gary Aitken
On 08/19/13 11:53, OpenSlate ChalkDust wrote: > On Sun, Aug 18, 2013 at 8:06 PM, Gary Aitken wrote: > >> I'm having some weird ipfw behavior, or it seems weird to me, and am >> looking >> for an explanation and then a way out. >> >> ipfw list >> ... >> 21109 allow tcp from any to 12.32.44.142 ds

Re: ipfw confusion

2013-08-19 Thread Dan Lists
On Mon, Aug 19, 2013 at 1:06 AM, Gary Aitken wrote: > > ipfw list > ... > 21109 allow tcp from any to 12.32.44.142 dst-port 53 in via tun0 setup > keep-state > 21129 allow tcp from any to 12.32.36.65 dst-port 53 in via tun0 setup > keep-state > ... > 65534 deny log logamount 5 ip from any to any

Re: ipfw confusion

2013-08-19 Thread OpenSlate ChalkDust
On Sun, Aug 18, 2013 at 8:06 PM, Gary Aitken wrote: > I'm having some weird ipfw behavior, or it seems weird to me, and am > looking > for an explanation and then a way out. > > ipfw list > ... > 21109 allow tcp from any to 12.32.44.142 dst-port 53 in via tun0 setup > keep-state > 21129 allow tc

Re: ipfw confusion

2013-08-18 Thread Jason Cox
Are you sure that your DNS requests are over TCP? DNS primarily uses UDP to serve requests. TCP is used when the response data size exceeds 512 bytes (I think), or for tasks such as zone transfers. I know a few resolver implementations use TCP for all queries, but most I have used not. You might wa

RE: IPFW confusion

2004-01-08 Thread Philip Payne
Hi, > > However, I can't get the config to work. I've commented out > all the deny > > rules. In this instance, I can browse the web via SQUID > that's installed > > on the IPFW box. I can't browse the web directly, though. > That is the > > only external access I get. I can't ping any site

Re: IPFW confusion

2004-01-07 Thread W. Ryan Merrick
Ben Quick wrote: Hello all, I've been hunting around for information on IPFW, and how to set up the rules I require. I found a tutorial that seemed to fit my needs: http://www.mostgraveconcern.com/freebsd/ipfw.html However, I can't get the config to work. I've commented out all the deny rules.

Re: IPFW confusion

2004-01-07 Thread Ben Quick
Hi Subhro, Thanks for your reply. The reason I want the server to route between the internal network and the router is because I only want to allow specific clients out onto the internet, and I can't see how to do this with the router I've got. Plus, it's a good excuse to try to learn something n