Date: Fri, 28 Jun 1996 07:01:27 -0500
From: Alex Nash <alex@fa.tdktca.com>
To: nate@mt.sri.com
Cc: phk@FreeBSD.ORG, current@FreeBSD.ORG
Subject: Re: IPFW bugs?
Message-ID: <31D3C997.CA9F25F@fa.tdktca.com>

> Go re-read it.
>
> I'll repeat the two rules again out of my original email, for the seeing
> impaired.
>
> # Allow SSH/SMTP/DNS/POP3 connections to/from anywhere
> ipfw add 20 pass tcp from any to any 22,25,53,110 via $1
>
> That's the DNS line:
>
> # Allow NTP stuff through
> ipfw add pass all from any 123 to any via $1
> ipfw add pass all from any to any 123 via $1
>
> And there's the NTP line. No confusion except in your reading of it.

Peace, Nate. We're all working towards a common goal. This is what you
posted the first time:

    And, if I add the lines:
    ipfw add pass tcp from any to any 123 via $1
    ipfw add pass udp from any to any 123 via $1
    ipfw add pass icmp from any to any 123 via $1
    I still can't do DNS resolution. Weird, huh?

> > It's certainly a bug that you have rules with the same number, that
> > looks VERY weird to me, also where was your 65535 block all rule ?
>
> I set them to be the same #. Should I not?

It's easier from an insertion/deletion standpoint to space them out. By
default, rules are added with indexes 100 greater than the last index.
Having rules with the same index will not cause the rules to fail in any
way though.

Alex