Rules behavior

[overlook]

Hello!

I'm currently new to configuring OpenBSD's PacketFilter, however I have some questions regarding to what can be left out and what needs to be mentioned in the rules.

Since most examples mentioned only http/https ports for an outgoing connection. However resolving Domain names is the sole job of DNS (TCP/IP Stack). So normally a firewall would block the DNS requests, since they aren't configured part of the rule set. But that doesn't seem to be the case, since these examples don't mention any rules for the DNS protocol.

So if anyone could clear up this confusion I would be really grateful. Just merely trying to figure out heads and tails of Packet Filter.

 

[wblock@]

A specific rule set would be easier to see.

Often, firewalls are configured to allow all traffic that originates inside the network. DNS would be included in that type of traffic. Most small networks do not serve DNS requests that originate from outside, so this works fine.

 

[overlook]

So what your saying is under conditions where computers connecting to the Internet are getting their IPs in DHCP mode. But what under Static conditions, the computer would be configured to retrieve DNS names off shore.

 

[SirDice]

Post the rule set. We can't make any judgments about rules we don't know.

 

[wblock@]

So what your saying is under conditions where computers connecting to the Internet are getting their IPs in DHCP mode.

No. I'm saying that firewalls often allow any type of connection as long as it originates from inside the network. A computer inside the network does a DNS lookup, sends mail, web connection, anything, the firewall allows that. Connections coming in from outside the firewall are filtered; if the network has no public DNS server, DNS connections from outside are rejected.