Date: Thu, 27 Jun 1996 22:52:52 -0700
From: Poul-Henning Kamp <phk@freebsd.org>
To: Nate Williams <nate@mt.sri.com>
Cc: current@freebsd.org
Subject: Re: IPFW bugs?
Message-ID: <2910.835941172@critter.tfs.com>
In-Reply-To: Your message of "Thu, 27 Jun 1996 23:37:05 MDT." <199606280537.XAA13666@rocky.mt.sri.com>

In message <199606280537.XAA13666@rocky.mt.sri.com>, Nate Williams writes:
>
>> DNS: port 123 is NTP, DNS is port 53 (duh! <:-)
>
>Yeah, and your point is? See the comments above the lines, it explains
>that 123 is NTP. The problem is that DNS/udp wasn't enabled, yet once I
>enabled NTP/all DNS worked, and when I disabled NTP/all DNS quit
>working. Why is that?

Your email listed rules saying "123" in a context where you complain
about DNS. :-)

>The pilot has a pretty good idea what he's doing.

didn't look like it :-) At least not for the DNS part :-)

>Given the following output. Remember that the default is "Allow nothing"

You will probably want to have
	allow all from 127.0.0.1 to 127.0.0.1 via lo0
in there somewhere... (if your 123 was a typo, this could be why your
DNS fails.)

It's certainly a bug that you have rules with the same number, that
looks VERY weird to me, also where was your 65535 block all rule ?

>I can telnet/login/ftp/etc.. *from* non-local machines to this box. Why
>is that?

Add "log" to all rules and see which number lets you through.

Also, don't let your current fight with Jordan affect your temper and
or patience with other people. I'm not saying the code is bug free, I'm
merely asking you to be less incoherent and more constructive.

--
Poul-Henning Kamp           | phk@FreeBSD.ORG       FreeBSD Core-team.
http://www.freebsd.org/~phk | phk@login.dknet.dk    Private mailbox.
whois: [PHK]                | phk@ref.tfs.com       TRW Financial Systems, Inc.
Future will arrive by its own means, progress not so.