LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-14-2001, 11:45 PM   #1
apessos
LQ Newbie
 
Registered: Jan 2001
Location: Voorhees, NJ
Posts: 2

Rep: Reputation: 0

Hello,

I am hoping someone can help me understand what is going on in my /var/log/messages file.

Included down below is an excerpt of the messages file. To me, it seems my firewall is denying access to the root serveres as they are trying to connect. I could be wrong about this but checking the ip addresses with dig reveals them to be authorative.

I have been reading the DNS, Firewall How-Tos for the past couple of hours, days and while I am learning rather fast, I think I might be missing something.

If someone would be willing to explain what is going on and possibly suggest a way to resolve the error, i would appreciate it. I am anxious and willing to learn and the best way is by asking question and learning through experience. Or so at least I think.

Any help would greatly be appreciated. And if anymore information is needed, let me know.
-Greg

ps. I am running RedHat 6.2 with kernel 2.2.17, in case that
information is necessary.

Jan 14 15:44:38 192 kernel: Packet log: input DENY eth1 PROTO=17 128.9.0.107:53 my_ip_address:1032 L=481 S=0x00 I=18351 F=0x4000 T=239 (#20)
Jan 14 15:44:50 192 kernel: Packet log: input DENY eth1 PROTO=17 192.36.148.17:53 my_ip_address:1032 L=481 S=0x00 I=18907 F=0x0000 T=43 (#20)
Jan 14 15:44:58 192 kernel: Packet log: input DENY eth1 PROTO=17 202.12.27.33:53 my_ip_address:1032 L=481 S=0x00 I=53140 F=0x0000 T=47 (#20)
Jan 14 15:45:02 192 kernel: Packet log: input DENY eth1 PROTO=17 192.33.4.12:53 my_ip_address:1032 L=481 S=0x00 I=62989 F=0x4000 T=243 (#20)
Jan 14 15:45:06 192 kernel: Packet log: input DENY eth1 PROTO=17 193.0.14.129:53 my_ip_address:1032 L=481 S=0x00 I=8806 F=0x0000 T=56 (#20)
Jan 14 15:45:10 192 kernel: Packet log: input DENY eth1 PROTO=17 128.8.10.90:53 my_ip_address:1032 L=481 S=0x00 I=25328 F=0x0000 T=50 (#20)
Jan 14 15:45:14 192 kernel: Packet log: input DENY eth1 PROTO=17 198.41.0.4:53 my_ip_address:1032 L=214 S=0x00 I=16657 F=0x0000 T=50 (#20)
Jan 14 15:45:34 192 kernel: Packet log: input DENY eth1 PROTO=17 128.63.2.53:53 my_ip_address:1032 L=481 S=0x00 I=7479 F=0x4000 T=244 (#20)
Jan 14 15:45:42 192 kernel: Packet log: input DENY eth1 PROTO=17 192.5.5.241:53 my_ip_address:1032 L=478 S=0x00 I=39001 F=0x4000 T=49 (#20)
Jan 14 15:45:50 192 kernel: Packet log: input DENY eth1 PROTO=17 192.203.230.10:53 my_ip_address:1032 L=478 S=0x00 I=19548 F=0x4000 T=22 (#20)
 
Old 02-06-2001, 06:02 PM   #2
mjakob
Member
 
Registered: Feb 2001
Posts: 69

Rep: Reputation: 15
They certainly are root servers. Without being able to see you ipchains script, I'm guessing that you are running a fairly strong ruleset. In other words, denying everything by default and allowing only what you want in. So, somewhere you need lines like:

/sbin/ipchains -A input -p tcp -i eth0 -s 0.0.0.0/0 -d your.ip.address/32 53 -j ACCEPT

/sbin/ipchains -A input -p udp -i eth0 -s 0.0.0.0/0 -d your.ip.address/32 53 -j ACCEPT

These need to be before you deny everything else.

Mark
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables firewall and DNS? guitarman85281 Linux - Software 2 09-20-2004 08:37 PM
DNS and Firewall dexter_modem Linux - Security 8 11-13-2003 10:41 PM
DNS and firewall merlin371 Linux - Networking 2 07-31-2003 05:36 AM
DNS and firewall help please mpalladi Linux - Networking 2 05-26-2003 09:35 AM
setting up DNS behind a firewall..... archangel Linux - Networking 3 08-10-2002 10:43 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration