From nobody Thu Mar 5 00:55:29 1998
Received: (from nobody@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA07068; Thu, 5 Mar 1998 00:55:29 -0800 (PST) (envelope-from nobody)
Message-Id: <199803050855.AAA07068@hub.freebsd.org>
Date: Thu, 5 Mar 1998 00:55:29 -0800 (PST)
From: vadim@gc.lviv.ua
To: freebsd-gnats-submit@freebsd.org
Subject: "ipfw" can't start if "named" on this computer
X-Send-Pr-Version: www-1.0

>Number: 5922
>Category: conf
>Synopsis: "ipfw" can't start if "named" on this computer
>Confidential: no
>Severity: critical
>Priority: low
>Responsible: freebsd-bugs
>State: closed
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Thu Mar 5 01:00:01 PST 1998
>Closed-Date: Thu Mar 5 16:38:47 PST 1998
>Last-Modified: Thu Mar 5 16:40:19 PST 1998
>Originator: Vadim Chekan
>Release: 2.2.5
>Organization: Galitsky Kontrakty
>Environment:
FreeBSD gate.gc.lviv.ua 2.2.5-RELEASE FreeBSD 2.2.5-RELEASE #0: Thu Feb 26 16:51:19 GMT 1998 root@gate.gc.lviv.ua:/usr/src/sys/compile/GATE i386
>Description:
In the rc.firewall configuration I use host names, but DNS is on this computer. In rc.network, ipfw starts before named, can't find the host (named is not running), and the rules are not loaded.
>How-To-Repeat:
Run named on the same computer as ipfw and use only this computer in resolv.conf.
>Fix:
Move the start of ipfw after named in rc.network.
>Release-Note:
>Audit-Trail:

State-Changed-From-To: open->closed
State-Changed-By: alex
State-Changed-When: Thu Mar 5 16:38:47 PST 1998
State-Changed-Why:
Sorry, but you'll have to use IP addresses instead of hostnames. ipfw must be started before network services such as named so that it may clear a channel for those services to communicate. Starting named before initializing the firewall doesn't help because ipfw still won't be able to look up names (because the firewall will reject the packets unless compiled with IPFIREWALL_DEFAULT_TO_ACCEPT).

>Unformatted:
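
Since the report was closed with the advice to use IP addresses, a ruleset can be checked for leftover hostnames before it is installed. The following is an added example, not part of the PR or of FreeBSD's rc scripts: it flags "from"/"to" operands in ipfw "add" lines that would need a DNS lookup at load time. The sample rules and the example.org names are constructed; operands that are shell variables are assumed to be checked where they are assigned.

```shell
#!/bin/sh
# Added example: report ipfw rule operands that require name resolution.
# Reads rule lines on stdin, prints "<line number>: <operand>" per finding.
find_hostname_rules() {
    awk '
    # Return 1 if operand a would need a DNS lookup when the rule loads.
    function needs_dns(a) {
        if (a == "any") return 0
        if (a ~ /^\$/) return 0   # shell variable: assumed checked at its assignment
        if (a ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+|:[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)?$/)
            return 0              # addr, addr/bits or addr:mask
        return 1
    }
    /^[ \t]*#/ { next }           # skip comment lines
    {
        is_rule = 0
        for (i = 1; i <= NF; i++) if ($i == "add") is_rule = 1
        if (!is_rule) next        # only look at "... add ..." commands
        for (i = 1; i < NF; i++) {
            if ($i != "from" && $i != "to") continue
            a = $(i + 1)
            if (a == "not" && i + 2 <= NF) a = $(i + 2)   # skip a negation keyword
            if (needs_dns(a)) print NR ": " a
        }
    }'
}

# Constructed sample in the style of rc.firewall (not taken from the report).
sample_rules() {
    cat <<'EOF'
# constructed sample rules
/sbin/ipfw add 100 pass all from any to any via lo0
/sbin/ipfw add 200 pass tcp from any to mail.example.org 25
/sbin/ipfw add 300 pass udp from 192.0.2.1 to any 53
/sbin/ipfw add 400 pass udp from any 53 to ${ip}
/sbin/ipfw add 500 pass all from gw.example.org to 192.0.2.0/24
/sbin/ipfw add 600 deny all from 10.0.0.0:255.0.0.0 to any
EOF
}

sample_rules | find_hostname_rules
```

Each reported operand is one that ipfw would try to resolve while named is not yet reachable, which is the failure described in the report.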