From owner-freebsd-hackers Mon Jun 2 01:33:44 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id BAA07494 for hackers-outgoing; Mon, 2 Jun 1997 01:33:44 -0700 (PDT)
Received: from pcpsj.pfcs.com (nrZzUPxxNbdCp2c68MSIkrko6reyuxVy@harlan.fred.net [205.252.219.31]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id BAA07486 for ; Mon, 2 Jun 1997 01:33:33 -0700 (PDT)
Received: from mumps.pfcs.com (mumps.pfcs.com [192.52.69.11]) by pcpsj.pfcs.com (8.6.12/8.6.9) with SMTP id EAA00372; Mon, 2 Jun 1997 04:33:19 -0400
Received: from localhost by mumps.pfcs.com with SMTP id AA05829 (5.67b/IDA-1.5); Mon, 2 Jun 1997 04:33:18 -0400
To: Eivind Eklund
Cc: hackers@FreeBSD.ORG
Subject: Re: Improvements to rc.firewall?
In-Reply-To: Your message of "Mon, 02 Jun 1997 09:39:56 +0200." <199706020739.JAA18950@bitbox.follo.net>
Date: Mon, 02 Jun 1997 04:33:16 -0300
Message-Id: <5827.865240396@mumps.pfcs.com>
From: Harlan Stenn
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

I "sort of" tested them, and they worked for me.

I checked this out by doing a tcpdump of my ppp link, and looked at all of the DNS traffic. Responses to my queries came in to *my* port 53.

Independent of whether or not my suggested rule is wrong, the old rule will give free rein to anybody who sends UDP packets from their NTP or DNS ports.

H
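
Added example, not part of the original message and not code from rc.firewall: a small model of why a stateless filter that trusts the remote UDP source port (53 or 123) admits unsolicited packets to any local port, next to a check that accepts only replies matching a query this host sent. The rule shapes, addresses (documentation ranges) and packets are constructed assumptions, since the thread's actual rules are not shown here.

```python
from collections import namedtuple

# Constructed packet model (UDP only); addresses are documentation-range samples.
Pkt = namedtuple("Pkt", "src sport dst dport")
ME = "192.0.2.10"

def source_port_rule(pkt):
    """Stateless rule of the kind criticised above (assumed shape): accept
    inbound UDP whenever the remote *source* port is DNS (53) or NTP (123)."""
    return pkt.dst == ME and pkt.sport in (53, 123)

class QueryTracker:
    """Stateful alternative: accept an inbound packet only if it mirrors a
    query this host actually sent (same peer, same port pair)."""
    def __init__(self):
        self.pending = set()

    def outbound(self, pkt):
        # Remember (peer address, peer port, our port) for the expected reply.
        self.pending.add((pkt.dst, pkt.dport, pkt.sport))

    def inbound_ok(self, pkt):
        return pkt.dst == ME and (pkt.src, pkt.sport, pkt.dport) in self.pending

def evaluate():
    """Return {name: (stateless_verdict, stateful_verdict)} for sample packets."""
    tracker = QueryTracker()
    # Our resolver queries from local port 53, as seen in the tcpdump above.
    tracker.outbound(Pkt(ME, 53, "198.51.100.53", 53))
    samples = {
        # Genuine reply to the query we sent.
        "dns_reply": Pkt("198.51.100.53", 53, ME, 53),
        # Unsolicited: the sender chose source port 53, arbitrary local port.
        "unsolicited_from_53": Pkt("203.0.113.7", 53, ME, 4000),
        # Unsolicited: the sender chose source port 123, arbitrary local port.
        "unsolicited_from_123": Pkt("203.0.113.7", 123, ME, 4000),
    }
    return {name: (source_port_rule(p), tracker.inbound_ok(p))
            for name, p in samples.items()}

if __name__ == "__main__":
    for name, (stateless, stateful) in evaluate().items():
        print(f"{name:22s} source-port rule={stateless!s:5s} query-matched={stateful}")
```
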