ipfw a DNS

Frankus frankus at rulez.cz
Sat Sep 6 17:45:43 CEST 2003


Dobry den!
Mam problem s ipfw na routeru. Na pracovnich stanicich neresolvnu zadny 
zaznam, pritom internet chodi. Problem se tyka pravdepodobne dvou 
poslednich radku, kazdopadne ja nevim, jake mam udelat zmeny, aby 
chodili odpovedi z dns serveru klientum :( Na routeru vse chodi bez 
problemu...

ipfw show
00100   0      0 allow ip from any to any via lo0
00200   0      0 deny ip from any to 127.0.0.0/8
00300   0      0 deny ip from 192.168.16.0/24 to any in via de0
00400   0      0 deny ip from 62.245.80.0/24 to any in via xl0
00500   3    235 divert 8668 ip from any to any via de0
00600   0      0 deny ip from 10.0.0.0/8 to any via de0
00700   0      0 deny ip from 172.16.0.0/12 to any via de0
00800   0      0 deny ip from 192.168.0.0/16 to any via de0
00900   0      0 deny ip from 0.0.0.0/8 to any via de0
01000   0      0 deny ip from 169.254.0.0/16 to any via de0
01100   0      0 deny ip from 192.0.2.0/24 to any via de0
01200   0      0 deny ip from 224.0.0.0/4 to any via de0
01300   0      0 deny ip from 240.0.0.0/4 to any via de0
01400  71   5810 allow tcp from any to any established
01500   0      0 allow ip from any to any frag
01600   0      0 allow tcp from any to 62.245.80.XX dst-port 22 setup
01700   0      0 deny log tcp from any to any in via de0 setup
01800   0      0 allow tcp from any to any setup
*01900   0      0 allow udp from 62.245.80.XX to any dst-port 53 keep-state
02000   0      0 allow udp from 62.245.80.XX 53 to any*
65535 847 105265 deny ip from any to any



-- 
**************************
/// fr at nku$ \\\
mailto: frankus at rulez.cz
http://frankus.rulez.cz
**************************





More information about the Users-l mailing list