Date: Wed, 9 Jan 2002 06:14:08 -0800 (PST) From: X Philius <xphilius@yahoo.com> To: muhitov@kostasoft.spb.ru, security@FreeBSD.ORG Subject: RE: Help with ipfw rules to allow DNS queries through Message-ID: <20020109141408.5474.qmail@web11803.mail.yahoo.com> In-Reply-To: <2E8E747BA4D4994CB49D56AF57F1728208B309@adv.KOSTASOFT.kostasoft.spb.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Yuri, Is is sufficient to use the default "open" rule set, or do you think I need to swap out my kernel and modules so that I do not have ipfw in the kernel at all? I have compiled the kernel with ipfw and default to deny, so I cen't really "turn off" the firewall without swapping kernels. As far as being authoratative on a domain, I have not gotten to that point yet, but I *think* I have a pretty good handle on that part of the equation. I have some "junk" domains (ie no traffic URL's) that I can practice on once I get everything set up. One of my questions is how to verify that my name server is set up and available externally, without going through the hassle of getting a friend involved to provide secondary, and wrestling with changing settings at my registrar. Jason --- Yuri Muhitov <muhitov@kostasoft.spb.ru> wrote: > > > > -----Original Message----- > > From: owner-freebsd-security@FreeBSD.ORG > > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of X Philius > > Sent: Wednesday, January 09, 2002 4:30 AM > > To: Ian Smith > > Cc: G.P. de Boer; security@FreeBSD.ORG; Dave Raven > > Subject: Re: Help with ipfw rules to allow DNS queries through > > > > > > > > > > Advice: Turn off firewall while debugging your DNS setup. > Question: Did somebody registered your zone and name server (so, did > you get > your nameserver authoritative for zone)? > > Take a look at this (RFC 1033 DOMAIN ADMINISTRATORS OPERATIONS > GUIDE): > > ADDING A SUBDOMAIN > To add a new subdomain to your domain: > Setup the other domain server and/or the new zone file. > Add an NS record for each server of the new domain to the zone file > of the > parent domain. > Add any necessary glue RRs. > > Yuri > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020109141408.5474.qmail>