Date: Wed, 9 Oct 2002 22:17:41 +0300
From: "D. Penev"
To: wolf
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: UDP Port 53 Log In Vain Messages
Message-ID: <20021009191741.GB253@earth.dpsca.bg>
In-Reply-To: <3DA473BE.5070803@hq.dyns.cx>

On Wed, Oct 09, 2002 at 02:21:50PM -0400, wolf wrote:
>Date: Wed, 09 Oct 2002 14:21:50 -0400
>From: wolf
>To: Roman Neuhauser
>Cc: Wolfieee, freebsd-questions@freebsd.org
>Subject: Re: UDP Port 53 Log In Vain Messages
>
>I don't think the firewall is to blame.

I think so. If there is a firewall that blocks dns replies then they never go through the firewall.
My explanation is that dns sends a query to the external dns, but after some time period it doesn't get an answer (because the external dns is very busy) and closes the socket, so when the answer arrives there isn't an open socket. If you have a lot of name resolving errors, my suggestion is to remove your isp dns servers as forwarders.

>
>00050 60949435 31435808176 divert 8668 ip from any to any via rl0
>00100 716310 99071516 allow ip from any to any via lo0
>00200 0 0 deny ip from any to 127.0.0.0/8
>00300 0 0 deny ip from 127.0.0.0/8 to any
>65000 120754392 61388414174 allow ip from any to any
>65535 8 1016 deny ip from any to any
>
>Roman Neuhauser wrote:
>
>># mjoyner@hq.dyns.cx / 2002-10-09 13:21:25 -0400:
>>
>>>Ok, what causes the following events to occur and what do I do to fix
>>>whatever is wrong?
>>>
>>>_MY_MACHINE_ is my machine
>>>_ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers
>>>I am running named.
>>>
>>>What additional information is needed? (if any)
>>>What do I look at?
>>>
>>>Unusual System Events
>>>=-=-=-=-=-=-=-=-=-=-=
>>>Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550
>>>from _ISP_NAMESERVER_02_:53
>>>Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512
>>>from _LOCALHOST_:3597
>>>Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551
>>>from _ISP_NAMESERVER_01_:53
>>>Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553
>>>from _ISP_NAMESERVER_02_:53
>>>Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554
>>>from _ISP_NAMESERVER_01_:53
>>>Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512
>>>from _LOCALHOST_:3611
>>>Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548
>>>from _LOCALHOST_:53
>>
>>   this means that you have a firewall that blocks incoming udp on port
>>   53 on both the loopback and your nic.
>>
>>   specifically, the blocked packets are replies to your dns queries.
>>
>>   fix your firewall ruleset.
>>   the rule from my ipf ruleset:
>>
>>   pass out quick on $if proto tcp/udp from $ip to any port = 53 keep
>>   state
>>
>>   that "keep state" is what allows the responses back in.
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message

-- 
Regards,
D. Penev
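
A way to triage these kernel messages in bulk, as an added example that is not part of the original message or thread: it separates datagrams from port 53 of your configured forwarders that hit an already-closed ephemeral port (the late replies described above) from port-53 traffic sent by hosts you never query and from everything else. The addresses, the FORWARDERS set and the label names are constructed for illustration.

```python
import re
from collections import Counter

# Shape of the "Connection attempt to UDP" kernel message quoted in the thread.
LINE_RE = re.compile(
    r"Connection attempt to UDP (?P<dst>\S+):(?P<dport>\d+) "
    r"from (?P<src>\S+):(?P<sport>\d+)"
)

def classify(line, forwarders):
    """Return (label, src) for a log-in-vain line, or None if it is not one."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    sport, dport = int(m["sport"]), int(m["dport"])
    if sport == 53 and dport >= 1024:
        # From port 53 to a closed ephemeral port: a DNS answer that arrived
        # after the resolver had given up and closed its socket.
        label = "late-reply" if m["src"] in forwarders else "unexpected-source"
    else:
        label = "other"
    return label, m["src"]

def summarize(lines, forwarders):
    """Count (label, source) pairs over an iterable of syslog lines."""
    counts = Counter()
    for line in lines:
        hit = classify(line, forwarders)
        if hit:
            counts[hit] += 1
    return counts

# Constructed sample using documentation addresses, not data from the thread.
SAMPLE = """\
Oct  9 09:01:01 hq /kernel: Connection attempt to UDP 192.0.2.10:3550 from 198.51.100.1:53
Oct  9 09:01:03 hq /kernel: Connection attempt to UDP 127.0.0.1:512 from 127.0.0.1:3597
Oct  9 09:01:06 hq /kernel: Connection attempt to UDP 192.0.2.10:3551 from 198.51.100.2:53
Oct  9 09:01:14 hq /kernel: Connection attempt to UDP 192.0.2.10:3553 from 198.51.100.1:53
Oct  9 09:01:20 hq /kernel: Connection attempt to UDP 192.0.2.10:4000 from 203.0.113.9:53
Oct  9 09:01:25 hq sshd[411]: unrelated line
""".splitlines()

FORWARDERS = {"198.51.100.1", "198.51.100.2"}  # assumed: the ISP nameservers

if __name__ == "__main__":
    for (label, src), n in sorted(summarize(SAMPLE, FORWARDERS).items()):
        print(f"{n:3d}  {label:18s} {src}")
```

A high "late-reply" count for one forwarder points at a slow upstream rather than a filtering problem; "unexpected-source" entries are the ones worth a closer look.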