I need some help with ipfw2 on my Squid box.
I have "too many dynamic rules" errors for DNS.
Can I insert a DNS static rule into my rules (as below), and how?
allow ip from any to any via lo0
allow ip from any to any via lo1
deny ip from any to 127.0.0.0/8
deny ip from 127.0.0.0/8 to any
check-state
Stec John wrote:
> I need some help with ipfw2 on my Squid box.
> I have "too many dynamic rules" errors for DNS.
> Can I insert a DNS static rule into my rules (as below), and how?
[ ... ]
# allow DNS,NTP queries out in the world
add pass udp from any 1024-65535 to any 53,123
add pass udp from any
Stec John wrote:
> Hi Chuck, are you suggesting to add these DNS rules on top of the existing
> rules?

Yes.

> Can I use allow instead of pass?

Yes, they mean the same thing:

    allow   Allow packets that match rule. The search terminates.
            Aliases are pass,
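
The effect discussed in this thread, as an added example that is not part of the original messages: a small Python model of ipfw's first-match search, showing why a static rule placed above check-state keeps DNS and NTP queries out of the dynamic-rule table. The catch-all keep-state rule, the limit of 4096 entries (standing in for the net.inet.ip.fw.dyn_max sysctl), the addresses and the packet mix are assumptions, and state expiry is not modelled.

```python
from collections import namedtuple

# Constructed sample traffic; all addresses are documentation ranges.
Packet = namedtuple("Packet", "proto src sport dst dport")

def static_dns_ntp(p):
    """Model of the reply's rule: pass udp from any 1024-65535 to any 53,123."""
    return p.proto == "udp" and 1024 <= p.sport <= 65535 and p.dport in (53, 123)

def simulate(packets, static_first, dyn_max=4096):
    """Walk each outbound packet through a simplified ruleset.

    Returns (passed, dynamic_entries, refused). Assumptions: a catch-all
    keep-state rule follows check-state, dyn_max is 4096, no entry expires,
    and a packet whose state cannot be installed is refused.
    """
    dyn = set()
    passed = refused = 0
    for p in packets:
        if static_first and static_dns_ntp(p):
            passed += 1          # static match: search terminates, no state
        elif p in dyn:
            passed += 1          # check-state: flow already has an entry
        elif len(dyn) < dyn_max:
            dyn.add(p)           # keep-state: one new entry per flow
            passed += 1
        else:
            refused += 1         # table full: "too many dynamic rules"
    return passed, len(dyn), refused

def sample_traffic():
    """5000 DNS queries from distinct source ports, then 10 web fetches."""
    dns = [Packet("udp", "192.0.2.10", 1024 + i, "198.51.100.53", 53)
           for i in range(5000)]
    web = [Packet("tcp", "192.0.2.10", 40000 + i, "203.0.113.80", 80)
           for i in range(10)]
    return dns + web

if __name__ == "__main__":
    for static_first in (False, True):
        passed, entries, refused = simulate(sample_traffic(), static_first)
        print(f"static rule first={static_first}: passed={passed} "
              f"dynamic entries={entries} refused={refused}")
```

Queries passed by a static rule create no state, so their replies are not matched by check-state and need a static rule of their own.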
Re: ipfw2 - too many dynamic rules