From owner-freebsd-questions Fri May 1 21:17:54 1998
Message-Id: <3.0.5.32.19980501211444.00919bb0@mail.apc.net>
Date: Fri, 01 May 1998 21:14:44 -0700
To: freebsd-questions@FreeBSD.ORG
From: Dima Dorfman
Subject: IPFW

Hi:

I'm trying to deny UDP to my whole network, except DNS. I am using IPFW, and Bind 8.1.1. Here are my rules:

ipfw add 1 allow udp from any to 192.168.77.2 53
ipfw add 2 deny udp from any to any

It still doesn't work. DNS doesn't get through. I heard that bind uses wired addresses which it isn't allowed to use, but 8.1.1 fixed that with a line in the named.conf file. I added that line, but it still seems to be responding on 138, 1050, 1051, ...

Has anyone had any luck with this?

Thanks!

---
Dima Dorfman (dima@apc.net)
"640k ought to be enough for anybody." - Bill Gates, 1981
Micro$oft $ucks! FreeBSD Rules!
http://www.freebsd.org/
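
An added example, not part of the original post: a minimal first-match evaluator that traces the datagrams of one DNS lookup through the two posted rules and through a stateless alternative. It assumes every packet crosses the firewall that carries these rules; all addresses other than 192.168.77.2, the port numbers, and the `CANDIDATE` rule set are constructed for illustration.

```python
from collections import namedtuple

DNS = "192.168.77.2"  # name server address from the post

# One UDP datagram, reduced to the fields the rules test.
Packet = namedtuple("Packet", "src sport dst dport")
# One ipfw-style rule; a None field means "any".
Rule = namedtuple("Rule", "num action src sport dst dport", defaults=(None,) * 4)

def matches(rule, pkt):
    wanted = (rule.src, rule.sport, rule.dst, rule.dport)
    return all(w is None or w == got for w, got in zip(wanted, pkt))

def evaluate(rules, pkt):
    """Return (number, action) of the first matching rule, lowest number first."""
    for rule in sorted(rules, key=lambda r: r.num):
        if matches(rule, pkt):
            return rule.num, rule.action
    return 65535, "default"  # ipfw's final rule; action depends on the kernel build

# The two rules as posted.
POSTED = [Rule(1, "allow", dst=DNS, dport=53), Rule(2, "deny")]

# Assumed stateless additions (not from the post), placed before the deny rule.
# Rule 13 is broad: it admits any UDP datagram with source port 53 to the server.
CANDIDATE = [
    Rule(10, "allow", dst=DNS, dport=53),  # queries to the server
    Rule(11, "allow", src=DNS, sport=53),  # its answers to clients
    Rule(12, "allow", src=DNS, dport=53),  # its own lookups to other servers
    Rule(13, "allow", sport=53, dst=DNS),  # answers to those lookups
    Rule(20, "deny")]

# Constructed sample traffic (documentation addresses, made-up ports).
FLOW = {
    "client query": Packet("203.0.113.9", 1050, DNS, 53),
    "server answer": Packet(DNS, 53, "203.0.113.9", 1050),
    "upstream query": Packet(DNS, 1051, "198.51.100.53", 53),
    "upstream reply": Packet("198.51.100.53", 53, DNS, 1051),
    "other udp": Packet("203.0.113.9", 1050, "192.168.77.10", 138),
}

def trace(rules):
    return {name: evaluate(rules, pkt) for name, pkt in FLOW.items()}

if __name__ == "__main__":
    for label, rules in (("posted", POSTED), ("candidate", CANDIDATE)):
        print(label, trace(rules))
```

With the posted rules only the inbound query matches rule 1; the answer and the server's own lookups are addressed to other hosts or ports, so they fall through to the deny rule.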