[PF] No DNS available in LAN

[Beeblebrox]

Well, this should be fairly straight-forward but I'm apparently overlooking something. LAN clients have access to the internet because placing an IP in the browser window of LAN client shows the web page, as does pinging-by-IP to outside server from LAN client. However, trying the web-site name does not work.

My pf.conf is fairly simple and has code below. DNS Traffic should be forwarded to ADSL modem which has IP 192.168.1.1. The LAN gateway its self has no DNS problems and has in /etc/rc.conf

defaultrouter="192.168.1.1"

. The LAN clients on the other hand, get defaultrouter setting as $int_if

################ Translation ###############################
nat on $ext_if from ($int_if:network) to any -> $ext_if

################ Filtering ##################################
block in log on $ext_if
pass in quick on $int_if from any to any   # no reason to restrict LAN
pass out

pass in quick on $ext_if inet proto {tcp udp} from any to $int_if port 53

I am not getting any log output about the error, despite having "set debug loud". I must be forgetting something obvious.

 

[SirDice]

pass in quick on $ext_if inet proto {tcp udp} from any to $int_if port 53

You only need this if you yourself are hosting a DNS server that needs to be accessible from the internet. You don't need it.

Your issue is most likely not related to PF. You seem to be missing /etc/resolv.conf, see resolv.conf(5).

 

[Beeblebrox]

Not needing "pass .... port 53" makes sense, since PF is in keep-state mode for accepted requests. I had placed that entry while trying to debug the issue.

As for resolv.conf, the dhcp server sets that property and if I check /etc/resolv.conf on the client (a linux laptop for now), it shows that nameserver has been set correctly by dhcp.

option domain-name-servers 192.168.2.1;
option routers 192.168.2.1;

EDIT: Resolved when I changed in dhcp.conf the name-server option to modem's address 192.168.1.1 - Thanks.