[EMAIL PROTECTED] wrote:
> I try to set up a firewall on my public network.
> First DNS.
> I read the Firewall HOWTO to set rules for ipfwadm and I deny everything for F, I
> and O.
> In my rules, as the HOWTO says, I did like this for my 2 public DNS
> servers (195.115.167.5 and .12)
>
> ipfwadm -F -a accept -b -P udp -S 0.0.0.0/0 53 -D 195.115.167.5
> ipfwadm -F -a accept -b -P udp -S 0.0.0.0/0 53 -D 195.115.167.12
>
> But it doesn't work ..sniff !
1. Have you also added the appropriate -I and -O rules? (NB: using
`ipfwadm -O -p deny' is just making things awkward; there's seldom any
reason to restrict outbound packets).
2. Are you using BIND-8.1.*? If you are, bear in mind that it doesn't
use port 53 for recursive queries by default.
--
Glynn Clements <[EMAIL PROTECTED]>
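
The following is an added example, not code from either poster: a small Python model of the two quoted `-F` rules, checking which UDP DNS flows they let through when the forward policy is deny. It assumes `-b` makes a rule also match with source and destination swapped; the client and remote name-server addresses, the port numbers 40000 and 1030, and all function names are constructed for illustration.

```python
# Added example: models only the two -F (forward) rules quoted above.
# Peer addresses and ports below are constructed for illustration.
from collections import namedtuple

Packet = namedtuple("Packet", "proto src sport dst dport")
Rule = namedtuple("Rule", "proto src sport dst dport bidir")
ANY = None  # wildcard for an address or a port

# ipfwadm -F -a accept -b -P udp -S 0.0.0.0/0 53 -D 195.115.167.5 (and .12)
RULES = [Rule("udp", ANY, 53, ip, ANY, True)
         for ip in ("195.115.167.5", "195.115.167.12")]

def _hit(rule, p):
    """True if packet p matches the rule in its written direction."""
    return (p.proto == rule.proto
            and rule.src in (ANY, p.src) and rule.sport in (ANY, p.sport)
            and rule.dst in (ANY, p.dst) and rule.dport in (ANY, p.dport))

def forwarded(p, rules=RULES):
    """Accept if any rule matches; a -b rule is also tried against the packet
    with source and destination swapped. Otherwise the deny policy applies."""
    swapped = Packet(p.proto, p.dst, p.dport, p.src, p.sport)
    return any(_hit(r, p) or (r.bidir and _hit(r, swapped)) for r in rules)

DNS, CLIENT, REMOTE_NS = "195.115.167.5", "192.0.2.10", "198.51.100.53"
FLOWS = {
    "client query to server:53":      Packet("udp", CLIENT, 40000, DNS, 53),
    "server reply to client":         Packet("udp", DNS, 53, CLIENT, 40000),
    "recursive query, sport 53":      Packet("udp", DNS, 53, REMOTE_NS, 53),
    "recursive query, sport 1030":    Packet("udp", DNS, 1030, REMOTE_NS, 53),
    "reply to recursive, dport 1030": Packet("udp", REMOTE_NS, 53, DNS, 1030),
}

def verdicts():
    """Map each constructed flow to True (forwarded) or False (denied)."""
    return {name: forwarded(p) for name, p in FLOWS.items()}

if __name__ == "__main__":
    for name, ok in verdicts().items():
        print(f"{'accept' if ok else 'deny  '}  {name}")
```

The model covers the forward chain only; the `-I` and `-O` rules asked about in point 1 have to pass the same packets separately.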