On Tue, 24 Oct 2006, drovalev at kaluga dash gov dot ru wrote:
> Clients DNS receive the server, but he 172.20.20.1!!!
> It is necessary 192.168.8.1
Not true if you are really meaning to use the DNS forwarder.
The DNS forwarder is just that, a forwarder. The clients should use the
monowall as a DNS server and the monowall will forward the responses to
the real DNS servers and the replies back to the clients.
The DNS server set on the client SHOULD be the address of the monowall.
You should not need rules to allow traffic between your LAN network and
the DNS server.
The alternative is to turn OFF the DNS forwarder option in which case DHCP
response will contain the address of the real DNS server.
If neither of these work then there is likely a problem at the client.
What are the clients? Windows, Linux?
Open a command window and run an nslookup command to see what server is
configured. Try to resolve a hostname on the internet and see what
happens. Post the results back here.