Re: named error sending response: permission denied

2005-05-24 Thread Charles Swiger
On May 24, 2005, at 1:05 PM, Stephane Raimbault wrote: Thank you for your suggestions... I think it helped me solve the problem. It seems I needed to add more rules... although they seem redundant to me, but they have clearly made an improvement and I'm no longer getting those dns related e

Re: named error sending response: permission denied

2005-05-24 Thread Charles Swiger
On May 24, 2005, at 2:25 PM, Stephane Raimbault wrote: I hate to ask something silly, but you do have a check-state rule somewhere, right? it's not silly..., what's silly is now I'm asking how would I check :) or what would the rule look like. You've have an "ipfw add check-state" rule som

Re: named error sending response: permission denied

2005-05-24 Thread Charles Swiger
On May 24, 2005, at 4:28 PM, Stephane Raimbault wrote: That's very interesting and makes sense. I do not have the check-state in there, and just specify each port that is open, I'm guessing I did not run into this problem with anything else, as dns is a very stateful type of protocol? DNS

Re: natd

2005-06-08 Thread Charles Swiger
On Jun 8, 2005, at 4:30 PM, Gilberto Villani Brito wrote: How can I make a nat for many different networks using different real IPs using natd? People with many different networks using real IPs generally don't need natd, they simply use a router and/or firewall. This being said, you can u

Re: IPFW2+NAT stateful rules VS. FTP

2005-09-20 Thread Charles Swiger
On Sep 20, 2005, at 1:55 PM, Peter Rosa wrote: If you use "passive mode" FTP, that ought to work fine. If you use "active mode" FTP, you ought to use the FTP proxying built into NATD (see the -use_sockets and -punch_fw options), which is aware of the FTP data channel. Please, could you be litt

Re: ipfw table bad command

2005-12-13 Thread Charles Swiger
On Dec 13, 2005, at 11:36 AM, Jin Fang wrote: Which version of freebsd has 'table' command been implemented into ipfw? I try it in 5.2.1 to use: # ipfw table 1 add x.x.x.x/32 get: ipfw: bad command `table' It was added somewhere around 5.3. Someone running 5.2.1 should update to 5.3, 5.4,

Re: stopping an attack (fraggle like)

2013-09-25 Thread Charles Swiger
Hi--

On Sep 25, 2013, at 10:23 AM, NetOps Admin wrote:
> Hi,
> We are currently getting hit with a DoS attack that looks very
> similar to a Fraggle attack. We are seeing a large amount of UDP traffic
> coming at us from thousands of hosts. The source UDP port is 19 (chargen)
> and when it

Re: ipfw on just inbound and not outbound

2015-04-14 Thread Charles Swiger
On Apr 14, 2015, at 2:09 PM, hiren panchasara wrote:
> Apologies if this is something silly but I want to completely eliminate
> ipfw from outgoing traffic perspective. I just want to have it on
> incoming. I can always add "allow ip from any to any out" as the first
> rule but that is still ipfw