LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-20-2007, 09:43 AM   #1
o-circ
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Rep: Reputation: 0
RH9-problem with browsing Internet: domain names-errors, using IP-OK.


I'm new to Linux and I have a problem with browsing the Internet. I have RedHat 9 and I'm connected to the Internet through a router.

When I use domain names in Mozilla or Nautilus, I get errors. When I navigate using "direct" IP numbers, everything seems to be OK. Furthermore, I cannot ping sites by their names, although dig, host and nslookup return no errors.

My DNS is set to the same address I have set under Win XP on the same computer - and under Win name solving works fine.

(I have VIA VT86c100A Rhine-II PCI network card, if this information can help)

Any help would be great.
 
Old 02-20-2007, 01:55 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 377Reputation: 377Reputation: 377Reputation: 377
welcome to LQ!!!

please post the output of:
Code:
cat /etc/resolv.conf
if you try to ping a domain name, do you get an "unknown host" error like this??
Code:
win32sux@candystore:~$ ping google.com
ping: unknown host google.com

Last edited by win32sux; 02-20-2007 at 01:57 PM.
 
Old 02-20-2007, 03:28 PM   #3
o-circ
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Original Poster
Rep: Reputation: 0
Hi,

This is cat output:

; generated by /sbin/dhclient-script
nameserver 192.168.2.1
search agpg

And yes, I get exactly the error you described, "unknown host".
 
Old 02-20-2007, 04:49 PM   #4
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 377Reputation: 377Reputation: 377Reputation: 377
well, considering your resolv.conf looks fine, i'd say it could be either your local iptables rules or perhaps your dns resolver is bugging-out... you can check (and post) your iptables rules with:
Code:
iptables -L -v -n
as for your resolver possibly needing a bugfix update (it's a long-shot), the problem is that Red Hat 9 hasn't been supported/maintained in a LONG time... so i'm wondering if perhaps you are able to upgrade to a supported/mainitained distro - not so much cuz of this DNS issue, but for security and an overall better experience... in any case, i'm sure someone smarter than me will have some other suggestions for you, so hang in there...

Last edited by win32sux; 02-20-2007 at 05:02 PM.
 
Old 02-21-2007, 06:06 AM   #5
o-circ
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Original Poster
Rep: Reputation: 0
As a matter of fact, I don't get much of my iptables' output, which is
Code:
[root@agpg root]# iptables -L -v -n
Chain INPUT (policy ACCEPT 28 packets, 1540 bytes)
 pkts bytes target     prot opt in     out     source               destination
 7191  491K RH-Lokkit-0-50-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 RH-Lokkit-0-50-INPUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0
 
Chain OUTPUT (policy ACCEPT 7213 packets, 492K bytes)
 pkts bytes target     prot opt in     out     source               destination
 
Chain RH-Lokkit-0-50-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     udp  --  *      *       192.168.2.1          0.0.0.0/0          udp spt:53 dpts:1025:65535
    3   984 ACCEPT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0          udp spts:67:68 dpts:67:68
    0     0 ACCEPT     udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0          udp spts:67:68 dpts:67:68
 7157  488K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpts:0:1023 flags:0x16/0x02 reject-with icmp-port-unreachable
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:2049 flags:0x16/0x02 reject-with icmp-port-unreachable
    3   689 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpts:0:1023 reject-with icmp-port-unreachable
    0     0 REJECT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:2049 reject-with icmp-port-unreachable
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpts:6000:6009 flags:0x16/0x02 reject-with icmp-port-unreachable
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:7100 flags:0x16/0x02 reject-with icmp-port-unreachable
I'm trying to learn basics of Linux on RH; I thought about switching to another distribution, but I want to deal with this DNS problem first - I've spent lots of time trying to fix it and I don't want to give up now.

I hope my iptables can help; I'm kind of confused and I don't really know what to do with the results.

Best regards,
o-circ
 
Old 02-21-2007, 02:55 PM   #6
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 377Reputation: 377Reputation: 377Reputation: 377
okay, well, let's rule-out an iptables issue by using some super-simple rules... execute this script and see if it helps... this script basically just sets some sane policies, clears all your chains, and sets two known-good rules... make sure you check that the script executed properly by doing another "iptables -L -v -n" right after...
Code:
#!/bin/sh

IPT="/sbin/iptables"

$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT

$IPT -t mangle -P PREROUTING ACCEPT
$IPT -t mangle -P INPUT ACCEPT
$IPT -t mangle -P FORWARD ACCEPT
$IPT -t mangle -P OUTPUT ACCEPT
$IPT -t mangle -P POSTROUTING ACCEPT

$IPT -t nat -P PREROUTING ACCEPT
$IPT -t nat -P POSTROUTING ACCEPT
$IPT -t nat -P OUTPUT ACCEPT

$IPT -F
$IPT -F -t nat
$IPT -F -t mangle

$IPT -X
$IPT -X -t nat
$IPT -X -t mangle

$IPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
$IPT -A INPUT -i lo -j ACCEPT
make sure you don't reboot before testing, cuz these rules will be lost upon reboot if not saved...

Last edited by win32sux; 02-21-2007 at 03:00 PM.
 
Old 02-21-2007, 04:31 PM   #7
v00d00101
Member
 
Registered: Jun 2003
Location: UK
Distribution: Fedora 8, Centos 5.1
Posts: 480

Rep: Reputation: 30
The simplish solution is to find out the DNS server your ISP uses, should be x.x.x.x where x = 1-254.

If you want to test if it works, try.

Code:
nameserver 192.168.2.1

to

nameserver 194.106.33.42
If it works, then find out your ISP's DNS server IP, and put it in the file instead of the one i gave you. It can be found in your router or on google.

Last edited by v00d00101; 02-21-2007 at 04:33 PM.
 
Old 02-22-2007, 05:33 AM   #8
o-circ
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Original Poster
Rep: Reputation: 0
Hi,

changing DNS into "external" one solved the problem! Everything works fine now (at least I hadn't found anything wrong till now).

Thanks a lot, v00d00101! And thanks to you, win32sux - now I know a little bit more about Linux.




Would you be so kind and tell me, how to switch off DNS auto-detection? I don't like the idea of changing resolv.conf every time I reboot...

Cheers,
o-circ

PS: Funny, it was the first post I could write under Linux.
 
Old 02-22-2007, 02:43 PM   #9
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 377Reputation: 377Reputation: 377Reputation: 377
hehe, glad you got it working, even though it's more of a work-around than a solution... not sure why you are experiencing this, perhaps it's an issue with the leases on your router or something... in any case, you could give your box a static IP configuration to achieve what you want... but if you truly want to leave it on DHCP but prevent resolv.conf from getting written to, then i'd imagine a quick and dirty way to achieve that is giving it read-only permissions like:
Code:
chmod 400 /etc/resolv.conf
keep in mind i haven't tested to see how well this works...
 
Old 02-23-2007, 11:33 AM   #10
o-circ
LQ Newbie
 
Registered: Feb 2007
Posts: 5

Original Poster
Rep: Reputation: 0
I changed resolv.conf permissions with success, but the script ignored it somehow (?!) and overwrote my settings...

But another solution was found: adding this
Code:
echo nameserver x.x.x.x > /etc/resolv.conf
after every call to make_resolv_conf in /sbin/dhclient-script fixes the problem. It's quite crude, I admit, but effective.

Thanks again for helping me!
o-circ
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with cyrillic file names while browsing FTP - please help! Vlastr Linux - Networking 1 04-29-2007 10:36 PM
Internet Traffic Report with logon names --> MS Domain ALMAM Linux - Networking 3 01-19-2007 01:16 PM
Problem in internet browsing khanbabaee Linux - Networking 2 12-18-2005 11:51 PM
internet browsing problem samills70 Linux - Newbie 2 06-15-2004 03:00 PM
InterNet Browsing problem mobassir Linux - Software 4 09-13-2003 10:32 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration