diff options
| author | danger <danger@FreeBSD.org> | 2008-07-17 20:00:18 +0000 |
|---|---|---|
| committer | danger <danger@FreeBSD.org> | 2008-07-17 20:00:18 +0000 |
| commit | ac5e6208c0df75a96ee0d1fd907835ac34062072 (patch) | |
| tree | d8719e80c2f8850f5dcc5a8f896c76095fe73991 /etc/rc.firewall | |
| parent | eff9ee09b497649586914ac81f683696bd3d96a9 (diff) | |
| download | FreeBSD-src-ac5e6208c0df75a96ee0d1fd907835ac34062072.zip FreeBSD-src-ac5e6208c0df75a96ee0d1fd907835ac34062072.tar.gz | |
- dns queries might go also over TCP, so allow it.
Approved by: rink
MFC after: 1 week
Diffstat (limited to 'etc/rc.firewall')
| -rw-r--r-- | etc/rc.firewall | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/etc/rc.firewall b/etc/rc.firewall index fe678fc..df8a572 100644 --- a/etc/rc.firewall +++ b/etc/rc.firewall @@ -194,6 +194,7 @@ case ${firewall_type} in ${fwcmd} add deny tcp from any to any setup # Allow DNS queries out in the world + ${fwcmd} add pass tcp from me to any 53 setup keep-state ${fwcmd} add pass udp from me to any 53 keep-state # Allow NTP queries out in the world @@ -294,6 +295,7 @@ case ${firewall_type} in ${fwcmd} add pass tcp from any to any setup # Allow DNS queries out in the world + ${fwcmd} add pass tcp from ${oip} to any 53 setup keep-state ${fwcmd} add pass udp from ${oip} to any 53 keep-state # Allow NTP queries out in the world |
