-   Linux - General (
-   -   Host name lookup failure when trying to connect to the internet (

jabka 10-23-2005 03:25 PM

Host name lookup failure when trying to connect to the internet
i just installed iptables add the rule :

iptables -A INPUT -p tcp -j
as far as i understand i should be able to connect to the internet but when i start connetion script i get:


[root@bluebitch jbk]# internet --connect
which: no dhcpcd in (/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/share/apps/superkaramba/scripts)
which: no pump in (/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/share/apps/superkaramba/scripts)
Killing DHCP client for eth1 5051
Internet Systems Consortium DHCP Client V3.0.3
Copyright 2004-2005 Internet Systems Consortium.
All rights reserved.
For info, please visit

Listening on LPF/eth1/00:50:22:b4:cd:09
Sending on LPF/eth1/00:50:22:b4:cd:09
Sending on Socket/fallback
DHCPREQUEST on eth1 to port 67
bound to -- renewal in 198395 seconds.
DHCP client dhclient started succesfully.
which: no pptp-linux in (/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/share/apps/superkaramba/scripts)
No PPtP client running (good)
Fetching gateway using dhclient...
Gateway is
Adding route via Host name lookup failure
ERROR: failed adding route via
ERROR: System call failed
butwhen i disable iptables i can easly connect to the internet

WhatsHisName 10-25-2005 01:15 AM

It might be as simple as adding “ACCEPT” to the end:

iptables -A INPUT -p tcp -j ACCEPT

A somewhat more effective set of rules would be:

iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type any -j ACCEPT
iptables -A INPUT -p 50 -j ACCEPT
iptables -A INPUT -p 51 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m state --state NEW -s -j ACCEPT
iptables -A INPUT -j REJECT --reject-with icmp-host-prohibited

The effect of these rules would be to allow any connections/packets originating from within the LAN subnet (or in layman's language, and to reject most other connections/packets. For a packet to make it into your system, it has to answer “yes” to one of the first six rules.

The first four rules are some basic housekeeping rules. The next rule (ESTABLISHED,RELATED) allows any communications previously established to continue. The following rule (NEW) dictates the terms on which a new communication would be accepted: that it originates from your subnet ( in this example, but substitute your own subnet, which is probably

The last rule terminates any connections/packets that were not accepted by the previous rules.

You may need other rules for specific servers if you are running any servers (apache, sendmail, vsftpd, etc.)

All times are GMT -5. The time now is 12:03 PM.