IIRC, TCP is used for over large dns responses.
Ryan Minihan
email@hidden
-----Original Message-----
From: macos-x-server-bounces+ryan=email@hidden
[mailto:macos-x-server-bounces+ryan=email@hidden] On Behalf
Of David Haines
Sent: Wednesday, December 26, 2007 4:19 PM
To: OSXS list
Subject: Re: Why these denies in my firewall log?
On Dec 26, 2007, at 11:47 AM, Dan Shoop wrote:
>
> On Dec 24, 2007, at 11:18 AM, David Haines wrote:
>> Check your rules and realize that DNS uses TCP & UDP port 53.
>> http://docs.info.apple.com/article.html?artnum=106439
>>
>
> Yes and no. DNS typically is UDP. We don't need a reliable(*) IP
> connection for DNS.
>
> (*) in the IP sense of the word.
Understood & thanks.
I defaulted to Apple's info (but I'm curious why they state TCP port
53 as well - ?), and was responding quickly to what I thought to be a
strange question.
On Dec 23, 2007, at 9:48 AM, Gerben Wierda wrote:
> /etc/ipfilter/ipfw.conf.apple:add 65534 deny log ip from any to any
I meant to add/state instead: that's there by design and Gerben should
have an earlier "allow" rule for DNS traffic as/if desired.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
This email sent to email@hidden
