Try pass out proto udp from any to any port 53

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:owner-freebsd-[EMAIL PROTECTED] On Behalf Of Ansar Mohammed
> Sent: Wednesday, May 07, 2008 1:34 PM
> To: freebsd-pf@freebsd.org
> Subject: UDP weirdness
>
> I have a very simple configuration yet I am bemused as to what I am doing
> wrong.
>
> Windows 2003 <- FreeBSD-PF                -> Windows 2003
> 192.168.3.2     192.168.3.1  192.168.2.2     192.168.2.130
>
> Here are my rules
>
> ext_if="le0"
> int_if="le1"
> int_net="192.168.3.0/24"
> ext_net="192.168.2.0/24"
> int_addr="192.168.3.1"
> ext_addr="192.168.2.2"
> scrub on $ext_if all reassemble tcp
> scrub on $int_if all reassemble tcp
> block in log all
> pass in proto icmp from any to any
> pass in proto udp from any to any port 53
> pass in on $ext_if inet proto tcp from any to any port 3389
>
> DNS traffic is allowed through but the return packet gets blocked. Can anyone
> explain why?
> This is true on ALL UDP traffic. TCP traffic works well.
>
> Pflog message:
>
> 065276 rule 0/0(match): block in on le1: 192.168.3.2.53 > 192.168.2.130.3837: [|domain]
>
> _______________________________________________
> freebsd-pf@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-pf
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
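Added example, not part of the original messages: a minimal Python model of pf's last-matching-rule evaluation, run over the filter rules quoted above and packets constructed from the pflog line. It models only direction, interface, protocol and destination port; state tracking, scrub and `quick` are left out, and the `Rule`/`Packet` names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "pass" or "block"
    direction: str               # "in" or "out"
    iface: Optional[str] = None  # None = any interface
    proto: Optional[str] = None  # None = any protocol
    dport: Optional[int] = None  # None = any destination port

@dataclass(frozen=True)
class Packet:
    direction: str
    iface: str
    proto: str
    sport: int
    dport: int

# Filter rules from the quoted message, in order (rule 0 is the block rule).
POSTED = [
    Rule("block", "in"),
    Rule("pass", "in", proto="icmp"),
    Rule("pass", "in", proto="udp", dport=53),
    Rule("pass", "in", iface="le0", proto="tcp", dport=3389),
]
# The same ruleset with the rule suggested in the reply appended.
SUGGESTED = POSTED + [Rule("pass", "out", proto="udp", dport=53)]

def matches(r: Rule, p: Packet) -> bool:
    return (r.direction == p.direction
            and r.iface in (None, p.iface)
            and r.proto in (None, p.proto)
            and r.dport in (None, p.dport))

def evaluate(rules, p: Packet):
    """Return (action, rule_number); no matching rule means pf's implicit pass."""
    verdict = ("pass", None)
    for n, r in enumerate(rules):
        if matches(r, p):
            verdict = (r.action, n)  # a later match overrides an earlier one
    return verdict

# Constructed from the pflog line: 192.168.3.2.53 > 192.168.2.130.3837, in on le1.
REPLY = Packet("in", "le1", "udp", sport=53, dport=3837)
# Constructed: the query that preceded it, entering le0 and leaving le1.
QUERY_IN = Packet("in", "le0", "udp", sport=3837, dport=53)
QUERY_OUT = Packet("out", "le1", "udp", sport=3837, dport=53)

if __name__ == "__main__":
    for name, pkt in (("query in", QUERY_IN), ("query out", QUERY_OUT), ("reply in", REPLY)):
        print(name, evaluate(POSTED, pkt), evaluate(SUGGESTED, pkt))
```

The reply packet has destination port 3837, so rule by rule it matches only `block in log all`, which is the rule 0 verdict in the pflog line. Whatever the suggested `pass out` rule changes for that reply would have to come from state tracking, which this model does not cover.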