Chris Kuethe wrote:

On 11/11/05, Matthew R Powell <[EMAIL PROTECTED]> wrote:
Greetings,

My 3.7 firewall is holding up DNS requests.  pflog suggests that my very
first rule, 'block log all' is stopping them.

As it should.

Further down my rule set, however, exists the following rule:
pass out quick log on $ext_if proto udp all keep state

If I'm not mistaken, that rule should allow outgoing DNS requests on my
external interface, as well as the return packets.

That will allow outbound stuff, but you said to block log all. And
that blocks all packets on all interfaces until otherwise notified.

You're allowing packets to leave the external interface, but that
doesn't do you much good until you allow packets to enter the internal
interface...

--
GDB has a 'break' feature; why doesn't it have 'fix' too?

Yeah, I see that now. The problem was... it's 3AM local and I misunderstood 'keep state' to mean that return traffic would be automatically passed in response to the original request.

I need to establish a bed time for myself.

Thanks all.
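For readers hitting the same thing, here is the rule set the thread describes next to a corrected one; this is an added example, not a config posted in the thread, and the interface names, LAN prefix and macro names are assumed.

```pf
# Added example (not from the thread). Assumes OpenBSD 3.7 pf.conf syntax
# and these macros; the interface names and LAN prefix are placeholders.
ext_if  = "fxp0"             # assumed: external interface
int_if  = "fxp1"             # assumed: internal interface
int_net = "192.168.1.0/24"   # assumed: LAN behind $int_if

# --- What the original rule set did ---
# pf evaluates a packet on every interface it crosses, in each direction.
# A DNS query from a LAN host is first seen *inbound on $int_if*. The only
# rule that matches there is 'block log all', so the query is dropped (that
# is the pflog entry) and the 'pass out ... on $ext_if' rule never sees it.
#
#   block log all
#   pass out quick log on $ext_if proto udp all keep state

# --- Corrected rule set ---
block log all

# Let LAN hosts' DNS queries enter the firewall on the internal interface.
# 'keep state' must be written explicitly in 3.7 (it is not implied); it
# records the query so the reply is matched to an existing state entry
# instead of being evaluated against the rules (and hitting the block).
pass in quick log on $int_if proto udp from $int_net to any port domain keep state

# Let the query leave on the external interface; the state created here is
# what admits the DNS server's reply back in on $ext_if.
pass out quick log on $ext_if proto udp all keep state
```

Check the file with `pfctl -nf /etc/pf.conf` before loading it, and watch `pfctl -ss` while a client resolves a name to see the two state entries appear.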
