Thread: Virtual Machine
#8
9th May 2019
J65nko
Administrator

Quote:
Originally Posted by jggimi
I use rebound(8) to provide DNS services to my guests. It makes for a very simple pf.conf:
Code:
[trim]
# route domain requests from virtual machines to rebound(8)
pass in log proto udp from 100.64.0.0/10 to (self) port domain rdr-to localhost
Name servers use UDP by default, but in some cases they switch to TCP. So IMHO your rule should be:
Code:
# route domain requests from virtual machines to rebound(8)
pass in log proto { udp, tcp} from 100.64.0.0/10 to (self) port domain \
           rdr-to localhost
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
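Why the TCP half of the rule matters, as an added example that is not part of the original post: a DNS server that cannot fit its answer in a UDP datagram sets the TC (truncated) bit, and the client repeats the query over TCP with a 2-byte length prefix (RFC 1035). The packets are constructed samples, and `client_steps` is a hypothetical model of a guest resolver, not pf or rebound(8) code.

```python
import struct

QR_BIT = 0x8000  # message is a response
TC_BIT = 0x0200  # "truncated" flag in the DNS header (RFC 1035, section 4.1.1)

def build_query(name, txid, qtype=1):
    """Encode a minimal DNS query: one question, class IN, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii")
                      for p in name.rstrip(".").split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def reply_to(query, truncated):
    """Constructed sample reply: echoes the question, carries no records."""
    txid, flags = struct.unpack("!HH", query[:4])
    flags |= QR_BIT | (TC_BIT if truncated else 0)
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + query[12:]

def needs_tcp_retry(reply):
    """True when the TC bit tells the client to repeat the query over TCP."""
    if len(reply) < 12:
        raise ValueError("shorter than a DNS header")
    return bool(struct.unpack("!H", reply[2:4])[0] & TC_BIT)

def frame_for_tcp(message):
    """DNS over TCP prefixes each message with a 2-byte length (RFC 1035, 4.2.2)."""
    return struct.pack("!H", len(message)) + message

def client_steps(query, udp_reply, rule_protos):
    """Hypothetical model of a guest resolver behind a rule covering rule_protos."""
    if not needs_tcp_retry(udp_reply):
        return [("udp", "answered")]
    steps = [("udp", "truncated")]
    if "tcp" in rule_protos:
        steps.append(("tcp", "sent %d bytes" % len(frame_for_tcp(query))))
    else:
        steps.append(("tcp", "no matching rule"))
    return steps

if __name__ == "__main__":
    q = build_query("example.com", txid=0x1234)
    print("proto udp         :", client_steps(q, reply_to(q, True), {"udp"}))
    print("proto { udp, tcp }:", client_steps(q, reply_to(q, True), {"udp", "tcp"}))
```

With the UDP-only rule the retry over TCP is never redirected to localhost, so what happens to it depends on the rest of the ruleset.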