On 11/11/05, Matthew R Powell <[EMAIL PROTECTED]> wrote:
> Greetings,
>
> My 3.7 firewall is holding up DNS requests.  pflog suggests that my very
> first rule, 'block log all' is stopping them.

As it should.

> Further down my rule set, however, exists the following rule:
> pass out quick log on $ext_if proto udp all keep state
>
> If I'm not mistaken, that rule should allow outgoing DNS requests on my
> external interface, as well as the return packets.

That will allow outbound stuff, but you said to block log all. And
that blocks all packets on all interfaces until otherwise notified.

You're allowing packets to leave the external interface, but that
doesn't do you much good until you allow packets to enter the internal
interface...

--
GDB has a 'break' feature; why doesn't it have 'fix' too?
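
The point of the reply, as an added example that is not part of the original thread: a small Python model of pf's evaluation order (last matching rule wins, `quick` stops evaluation, and a forwarded packet is filtered once entering one interface and once leaving the other). It assumes the DNS queries come from a host behind the firewall; the interface names and the extra `pass in` rule are hypothetical.

```python
# Simplified model of pf rule evaluation (illustration only, not pf itself).
# State tracking for reply packets ("keep state") is not modelled.
EXT_IF, INT_IF = "ext0", "int0"   # assumed names; the thread only shows $ext_if

def parse(rule):
    """Parse the small subset of pf syntax used in the thread."""
    words = rule.split()
    r = {"action": words[0], "dir": None, "quick": "quick" in words,
         "iface": None, "proto": None, "text": rule}
    if len(words) > 1 and words[1] in ("in", "out"):
        r["dir"] = words[1]
    if "on" in words:
        r["iface"] = words[words.index("on") + 1]
    if "proto" in words:
        r["proto"] = words[words.index("proto") + 1]
    return r

def evaluate(ruleset, direction, iface, proto):
    """Last matching rule wins; 'quick' stops evaluation; no match means pass."""
    verdict = ("pass", "implicit default")
    for r in map(parse, ruleset):
        if r["dir"] not in (None, direction):
            continue
        if r["iface"] not in (None, iface):
            continue
        if r["proto"] not in (None, proto):
            continue
        verdict = (r["action"], r["text"])
        if r["quick"]:
            break
    return verdict

def forward_dns(ruleset):
    """A forwarded query is filtered twice: in on the LAN side, out on the WAN side."""
    for direction, iface in (("in", INT_IF), ("out", EXT_IF)):
        action, rule = evaluate(ruleset, direction, iface, "udp")
        if action == "block":
            return f"blocked {direction} on {iface} by '{rule}'"
    return "forwarded"

# The two rules quoted in the thread, with the macro expanded.
ORIGINAL = ["block log all",
            f"pass out quick log on {EXT_IF} proto udp all keep state"]
# Hypothetical extra rule of the kind the reply points to.
FIXED = ORIGINAL + [f"pass in quick on {INT_IF} proto udp all keep state"]

if __name__ == "__main__":
    print(forward_dns(ORIGINAL))   # dropped before it ever reaches ext0
    print(forward_dns(FIXED))
```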
