Re: NPF: newbie experiencing some strange behavior

To: g.lister%nodeunit.com@localhost, NetBSD Users Mailing List <netbsd-users%netbsd.org@localhost>
Subject: Re: NPF: newbie experiencing some strange behavior
From: "J. Lewis Muir" <jlmuir%imca-cat.org@localhost>
Date: Tue, 17 Jun 2014 16:32:28 -0500

On 6/17/14, 4:02 PM, g.lister wrote:
> The next rule there is
>
> +++
> pass out final all
> +++
>
> I think it should be evaluated as it is after the blocking of TCP
> transactions so UDP should be going out, but following your comment I
> played around with allowing everything and/or adding a rule for UDP
> and I could get some date from a look up only when I let everything
> in and out. I think I am forgetting something about DNS and how query
> responses are delivered...

Hi, George.

Is the "pass out final all" rule stateful by default?  If not, then your
UDP query may be going out, but NPF would be blocking the response since
I don't see a rule to pass it in.

A client DNS query usually uses a UDP connection to a DNS server on port
53, but it can sometimes use a TCP connection on port 53.  It will send
a query to the server and expect a response.  It looks like your NPF
rules might be blocking that response.

> Thanks Lewis for getting me going on that path.

Sure.  Hope you get it working!

Best,

Lewis

Follow-Ups:
- Re: NPF: newbie experiencing some strange behavior (solved)
  - From: g.lister

References:
- NPF: newbie experiencing some strange behavior
  - From: g.lister
- Re: NPF: newbie experiencing some strange behavior
  - From: J. Lewis Muir
- Re: NPF: newbie experiencing some strange behavior
  - From: g.lister

Prev by Date: Re: openbsd -> netbsd : same yet feels different ...
Next by Date: Re: openbsd -> netbsd : same yet feels different ...
Previous by Thread: Re: NPF: newbie experiencing some strange behavior
Next by Thread: Re: NPF: newbie experiencing some strange behavior (solved)
Indexes:

Home | Main Index | Thread Index | Old Index