Restating=20 your problem. Every thing works as expected for requests originating = from the=20 public internet, But any requests origination from the LAN behind your = firewall gets denied. = This could=20 very well be a IPFW firewall rules problem. You have to have a IPFW = rule to=20 allow all originating LAN traffic to pass through the firewall. For = each LAN=20 Nic card you have on your GATEWAY/IPFW FBSD box, you must have an=20 corresponding rule in the IPFW rules file like this.

allow=20 all from any to any via xl0 =20 Where xl0 is the FBSD NIC card device name of your Lan Nic = card. This rule normally is = located in the=20 beginning of the IPFW rules file. If you still need help post your = IPFW rules=20 file for review.

Joe

-----Original=20 Message-----
From:=20 owner-freebsd-questions@FreeBSD.ORG=20 [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of = sagacious
Sent: Tuesday, July 23, 2002 = 3:21=20 AM
To:=20 freebsd-questions@freebsd.org
Subject: Need help with=20 DNS

Hi. I=20 changed my network setup a while ago. I had to put everything behind a = firewall router due to a denial of service attack.. So now, I am = specifying a=20 “static” ip in my rc.conf, but it’s a local one, = 192.168.1.20, I port=20 forwarded all the services to that ip. The problem is, you can all go = to my=20 site, http://www.unixhideout.com,=20 but if I click that url, my router pass box pops up… I had to = temporarily=20 change ALL the links in my site, for example <img src=3Dh= ttp://www.unixhideout.com/img/blah.gif=20 to <img src=3D/img/blah.gif.. and I access the box using http://192.168.1.20 I don’t = want to have to do=20 this, and a lot of things do not work for me and its my site!! Well, I = posted=20 this a while ago, and a lot of people said if I ran my own DNS for my = domain,=20 I could stop this from happening.. Well I took the time to learn DNS a = bit,=20 and im running it now, and I was wondering exactly what I need to do.. = In my=20 unixhideout.com.hosts I specified this..

$ttl=20 38400

unixhideout.com. = IN =20 SOA =20 labs. root.unixhideout.com. (

&n= bsp; =20 1025839968

&n= bsp; =20 10800

&n= bsp; =20 3= 600

&n= bsp; =20 604800

&n= bsp; =20 38400 )

unixhideout.com. = IN =20 NS =20 labs

labs.unixhideout.com. IN = A =20 65.187.193.189

root.unixhideout.com. IN = RP =20 root.unixhideout.com. admin

Host-Info.unixhideout.com. = IN = HINFO INTEL=20 FreeBSD

mail.unixhideout.com. IN = MX 10=20 65.187.193.189

unixhideout.com. = IN =20 A =20 65.187.193.189

mail.unixhideout.com. IN = A =20 65.187.193.189

smtp.unixhideout.com. IN = A 65.187.193.189

www.unixhideout.com. IN = A =20 65.187.193.189

pop3.unixhideout.com. IN = A =20 65.187.193.189

irc.unixhideout.com. IN = A =20 65.187.193.189

email.unixhideout.com. IN = A =20 65.187.193.189

ftp.unixhideout.com. IN = A =20 65.187.193.189

Everything=20 works.. You guys (the net) can go to my site and use all the services. = But I=20 cannot.. I tried changing all those IPS to 192.168.1.20, and then I = could use=20 unixhideout.com and you couldn’t!! im losing my patience! Please = tell me what=20 I have to do for the internet AND ME to be able to use the domain I = paid for!=20 =3D] and when you explain pretend I’m 2 years old. Im fragile.=20 Thanks!

sagacious=20 (Mike)

Network=20 administrator

The=20 unixhideout network

http://www.unixhideout.com=