From owner-freebsd-questions@FreeBSD.ORG  Tue Dec  9 03:28:49 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 864B916A4CE
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Dec 2003 03:28:49 -0800 (PST)
Received: from zim.0x7e.net (zim.0x7e.net [203.38.184.132])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4D91343D09
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Dec 2003 03:28:48 -0800 (PST)
	(envelope-from listone@deathbeforedecaf.net)
Received: from goo.0x7e.net ([203.38.184.164] helo=goo)
	by zim.0x7e.net with smtp (Exim 3.36 #1)
	id 1ATg2m-0000dG-00; Tue, 09 Dec 2003 21:58:44 +1030
Message-ID: <006301c3be47$9c0c40b0$a4b826cb@goo>
From: "Rob" <listone@deathbeforedecaf.net>
To: "Gregory Edigarov" <greg@profi.kharkov.ua>
References: <20031209093254.GA366@profi.kharkov.ua>
	<004d01c3be3a$ebecc850$a4b826cb@goo> <20031209101749.GA529@profi.kharkov.ua>
Date: Tue, 9 Dec 2003 21:58:46 +1030
MIME-Version: 1.0
Content-Type: text/plain;
	charset="koi8-r"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
cc: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: ipfw keep-state (ASAP anwser need)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Dec 2003 11:28:49 -0000

Have you perhaps deleted your rules? Check with

    ipfw list

and make sure they are all there.

Use /var/log/security to find which rule is denying the packets. If it's the
default rule 65535, then your allow rules are somehow incorrect.

----- Original Message -----
From: "Gregory Edigarov" <greg@profi.kharkov.ua>
Subject: Re: ipfw keep-state (ASAP anwser need)


> On Tue, 09 Dec 2003, Rob wrote:
>
> >     ipfw add 4100 allow udp from me to any 53 keep-state
> >     ipfw add 4200 allow udp from any to me 53 keep-state
> It doesn't work.
>
> > What does /var/log/security show?
>
> it shows that all udp traffic to 53 port of any computer was denied.
>
>
> It worked exactly like I've show for a very long time, but a week
> ago something has broken. What is the other possibilities?
>
> --
> With best regards,
>         Gregory Edigarov
> --------------------------------------------------------------------------
----
> profi.kharkov.ua                                        Systems
Administrator
> --------------------------------------------------------------------------
----
>