I don't think the firewall is to blame.
00050 60949435 31435808176 divert 8668 ip from any to any via rl0 00100 716310 99071516 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 120754392 61388414174 allow ip from any to any 65535 8 1016 deny ip from any to any Roman Neuhauser wrote: ># [EMAIL PROTECTED] / 2002-10-09 13:21:25 -0400: > > >>Ok, what causes the following events to ocurr and what do I do to fix >>whatever is wrong? >> >>_MY_MACHINE_ is my machine >>_ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers >>I am running named. >> >>What additional information is needed? (if any) >>What do I look at? >> >>Unusual System Events >>=-=-=-=-=-=-=-=-=-=-= >>Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from >_ISP_NAMESERVER_02_:53 >>Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from >_LOCALHOST_:3597 >>Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from >_ISP_NAMESERVER_01_:53 >>Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from >_ISP_NAMESERVER_02_:53 >>Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from >_ISP_NAMESERVER_01_:53 >>Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from >_LOCALHOST_:3611 >>Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from >_LOCALHOST_:53 >> >> > > this means that you have a firewall that blocks incoming udp on port > 53 on both the loopback and your nic. > > specifically, the blocked packets are replies to your dns queries. > > fix your firewall ruleset. the rule from my ipf ruleset: > > pass out quick on $if proto tcp/udp from $ip to any port = 53 keep state > > that "keep state" is what allows the responses back in. > > > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message