Hi People,

I'm trying to set up my firewall using ipfw on 4.6 Stable. I have read 
through the man pages and also several howtos, but now I need your advice. 
I would like to set up a DNS server that will respond to queries, and my 
current ruleset does not seem to permit this. Please tell me what I am 
doing wrong.

My ruleset (IPs omitted):

add 00301 check-state
add 00302 allow tcp from any to any established
add 00303 allow tcp from any to any out setup keep-state
add 00304 allow tcp from any to $lan 22,25,80,443 setup
add 00400 allow udp from any to any out
add 00401 allow udp from $lan to any 53
add 00402 allow udp from any 53 to $lan in recv rl0
#allow some icmp types (codes not supported)
##allow path-mtu in both directions
add 00600 allow icmp from any to any icmptypes 3
##allow source quench in and out
add 00601 allow icmp from any to any icmptypes 4
##allow me to ping out and receive response back
add 00602 allow icmp from any to any icmptypes 8 out
add 00603 allow icmp from any to any icmptypes 0 in
##allow me to run traceroute
add 00604 allow icmp from any to any icmptypes 11 in
#allow ident requests
add 00700 allow tcp from any to any 113 keep-state setup
#deny syn and fin bits used for OS fingerprinting using nmap
add 00701 deny log tcp from any to any in tcpflags syn,fin
#log anything that falls through
add 09000 deny log ip from any to any

Kind Regards,
Nelis 
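
Added example, not part of the original message: a small Python model that traces constructed UDP packets through rules 400-402 and 9000 of the posted ruleset, showing which rule an inbound DNS query reaches. The address standing in for $lan, the client and upstream addresses, and rule 403 are assumptions made for illustration.

```python
# First-match walk of the UDP rules from the posted ruleset (400-402) and the
# closing deny (9000). The TCP and ICMP rules cannot match a UDP packet, and
# check-state (301) has no entry because no UDP rule uses keep-state.
LAN = "192.0.2.10"  # constructed stand-in for $lan (omitted in the post)

# (number, action, src, sport, dst, dport, direction); None matches anything.
# "recv rl0" on rule 402 is assumed satisfied for inbound packets.
RULES = [
    (400, "allow", None, None, None, None, "out"),
    (401, "allow", LAN, None, None, 53, None),
    (402, "allow", None, 53, LAN, None, "in"),
    (9000, "deny", None, None, None, None, None),
]

def first_match(rules, pkt):
    """Return (rule number, action) for the first rule matching a UDP packet."""
    for num, action, src, sport, dst, dport, direction in rules:
        wanted = {"src": src, "sport": sport, "dst": dst,
                  "dport": dport, "dir": direction}
        if all(v is None or pkt[k] == v for k, v in wanted.items()):
            return num, action
    return None, None  # unreachable here: rule 9000 matches everything

def udp(src, sport, dst, dport, direction):
    """Build a constructed UDP packet description."""
    return {"src": src, "sport": sport, "dst": dst,
            "dport": dport, "dir": direction}

# Constructed packets (documentation address ranges).
QUERY_IN = udp("198.51.100.7", 40000, LAN, 53, "in")       # client asks server
ANSWER_OUT = udp(LAN, 53, "198.51.100.7", 40000, "out")    # server's answer
LOOKUP_OUT = udp(LAN, 40001, "203.0.113.53", 53, "out")    # server asks upstream
LOOKUP_REPLY = udp("203.0.113.53", 53, LAN, 40001, "in")   # upstream answers

# Hypothetical rule 403 (not in the post): allow udp from any to $lan 53 in
WITH_403 = sorted(RULES + [(403, "allow", None, None, LAN, 53, "in")],
                  key=lambda rule: rule[0])

if __name__ == "__main__":
    for name, pkt in [("query in", QUERY_IN), ("answer out", ANSWER_OUT),
                      ("lookup out", LOOKUP_OUT), ("lookup reply", LOOKUP_REPLY)]:
        print(name, first_match(RULES, pkt), first_match(WITH_403, pkt))
```

In this model the inbound query is the only packet that reaches rule 9000; rule 402 covers replies arriving from port 53, not queries arriving at port 53.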

