LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
LinkBack Search this Thread
Old 10-23-2005, 02:25 PM   #1
jabka
Member
 
Registered: Sep 2005
Distribution: Debian unstable && Kazit (reformated knoppix)
Posts: 194

Rep: Reputation: 31
Host name lookup failure when trying to connect to the internet


Howdy,..
i just installed iptables add the rule :
Code:
 iptables -A INPUT -p tcp -j
as far as i understand i should be able to connect to the internet but when i start connetion script i get:

Quote:
[root@bluebitch jbk]# internet --connect
which: no dhcpcd in (/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/share/apps/superkaramba/scripts)
which: no pump in (/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/share/apps/superkaramba/scripts)
Killing DHCP client for eth1 5051
Internet Systems Consortium DHCP Client V3.0.3
Copyright 2004-2005 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/products/DHCP

Listening on LPF/eth1/00:50:22:b4:cd:09
Sending on LPF/eth1/00:50:22:b4:cd:09
Sending on Socket/fallback
DHCPREQUEST on eth1 to 255.255.255.255 port 67
DHCPACK from 10.208.192.1
bound to 172.23.34.101 -- renewal in 198395 seconds.
DHCP client dhclient started succesfully.
which: no pptp-linux in (/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/share/apps/superkaramba/scripts)
No PPtP client running (good)
Fetching gateway using dhclient...
Gateway is 172.23.32.1
Adding route via 172.23.32.1
pns.barak.net.il: Host name lookup failure
ERROR: failed adding route via 172.23.32.1
ERROR: System call failed
butwhen i disable iptables i can easly connect to the internet
 
Old 10-25-2005, 12:15 AM   #2
WhatsHisName
Senior Member
 
Registered: Oct 2003
Location: /earth/usa/nj (UTC-5)
Distribution: RHL9;F1-10; CentOS4-5; DebianSarge-Squeeze
Posts: 1,151

Rep: Reputation: 46
It might be as simple as adding “ACCEPT” to the end:

iptables -A INPUT -p tcp -j ACCEPT


A somewhat more effective set of rules would be:

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type any -j ACCEPT
iptables -A INPUT -p 50 -j ACCEPT
iptables -A INPUT -p 51 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -s 192.168.1.0/24 -j ACCEPT
iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited

The effect of these rules would be to allow any connections/packets originating from within the LAN subnet 192.168.1.0/255.255.255.0 (or in layman's language, 192.168.1.0-255) and to reject most other connections/packets. For a packet to make it into your system, it has to answer “yes” to one of the first six rules.

The first four rules are some basic housekeeping rules. The next rule (ESTABLISHED,RELATED) allows any communications previously established to continue. The following rule (NEW) dictates the terms on which a new communication would be accepted: that it originates from your subnet (192.168.1.0/24 in this example, but substitute your own subnet, which is probably 172.23.34.0/24).

The last rule terminates any connections/packets that were not accepted by the previous rules.

You may need other rules for specific servers if you are running any servers (apache, sendmail, vsftpd, etc.)

Last edited by WhatsHisName; 10-25-2005 at 06:34 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Telnet : Temporary failure in name resolution : Host name lookup failure koodoo Linux - Newbie 10 02-11-2008 07:59 PM
Host name lookup failure mauroblanc Linux - Networking 2 06-16-2005 02:09 PM
DHCP: Host name lookup failure kaloyer *BSD 2 07-08-2004 11:01 AM
sendmail: host name lookup failure GabeF Linux - Networking 3 12-04-2002 08:00 AM
getting an error 0.0.0.0:Host name lookup failure udayan Programming 2 08-22-2002 11:23 PM


All times are GMT -5. The time now is 07:35 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration