LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 09-02-2012, 01:09 PM   #1
neopandid
Member
 
Registered: Aug 2011
Location: Russia
Distribution: Debian
Posts: 31

Rep: Reputation: Disabled
Iptables blocking dns server


Hi,
My debian gateway is blocking dns server's requests
here is last line from my /var/log/messages

--------------------------
Sep 2 20:08:42 gateway kernel: [87358.972458] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=208.67.222.222 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=17326 PROTO=UDP SPT=5185
6 DPT=53 LEN=56
Sep 2 20:08:46 gateway kernel: [87363.018271] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=8.8.8.8 LEN=65 TOS=0x00 PREC=0x00 TTL=127 ID=17339 PROTO=UDP SPT=51856 DP
T=53 LEN=45
Sep 2 20:08:50 gateway kernel: [87367.064357] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=208.67.220.220 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=17344 PROTO=UDP SPT=502
88 DPT=53 LEN=56
Sep 2 20:08:53 gateway kernel: [87370.098193] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=208.67.222.222 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=17369 PROTO=UDP SPT=5028
8 DPT=53 LEN=56
Sep 2 20:08:57 gateway kernel: [87374.144343] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=8.8.8.8 LEN=65 TOS=0x00 PREC=0x00 TTL=127 ID=17392 PROTO=UDP SPT=50288 DP
T=53 LEN=45
Sep 2 20:09:01 gateway kernel: [87378.192237] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=208.67.220.220 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=17429 PROTO=UDP SPT=511
57 DPT=53 LEN=56
Sep 2 20:09:05 gateway kernel: [87382.236229] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=208.67.222.222 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=17456 PROTO=UDP SPT=5115
7 DPT=53 LEN=56
Sep 2 20:09:09 gateway kernel: [87386.282583] LOGDROP IN=eth1 OUT=eth0 SRC=192.168.200.10 DST=8.8.8.8 LEN=65 TOS=0x00 PREC=0x00 TTL=127 ID=17457 PROTO=UDP SPT=51157 DP
T=53 LEN=45
--------------------------
How can I solve this?
Thanks in advance.
 
Old 09-02-2012, 06:57 PM   #2
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,225

Rep: Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021Reputation: 2021
Check your iptables settings.
Also check you've got ip forwarding on in the kernel http://www.ducea.com/2006/08/01/how-...ding-in-linux/
 
Old 09-02-2012, 06:58 PM   #3
kakaka
Member
 
Registered: Sep 2003
Posts: 382

Rep: Reputation: 86
To answer your question at the same level of detail at which you asked it, if the Administrator of the gateway wishes to allow access to Google's DNS, a rule to allow that would need to be added to the server.

If you are the Administrator, then you would need to describe whatever is being used to control access, so we might help you adjust it to allow access to Google's DNS.

For example, if you were using iptables, some form of a command such as iptables -L with the proper arguments for particular tables, could be run on the server, to list the rules being used to control access. But if you don't provide us with specifically what's being used to control access, we cannot provide specific help.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Is blocking a subnet with iptables on the router a good way to protect a server? damgar Linux - Security 6 06-11-2012 03:40 PM
What can be blocking the DNS response going back to my server? manuel220 Linux - Networking 1 08-18-2011 02:46 AM
[SOLVED] Iptables blocking NTP and DNS hobbes80 Linux - Networking 1 08-13-2010 10:44 AM
DNS Server iptables ciberrust Linux - Server 1 05-02-2010 11:48 AM
iptables blocking outgoing DNS requests laurensb Linux - Security 1 10-29-2009 10:48 AM


All times are GMT -5. The time now is 08:58 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration