Date: Wed, 09 Oct 2002 14:21:50 -0400
From: wolf <mjoyner2@hq.dyns.cx>
To: Roman Neuhauser <neuhauser@bellavista.cz>
Cc: Wolfieee <mjoyner@hq.dyns.cx>, freebsd-questions@freebsd.org
Subject: Re: UDP Port 53 Log In Vain Messages
Message-ID: <3DA473BE.5070803@hq.dyns.cx>
References: <3DA46595.8000801@hq.dyns.cx> <20021009175601.GL51897@freepuppy.bellavista.cz>

I don't think the firewall is to blame.

00050 60949435 31435808176 divert 8668 ip from any to any via rl0
00100 716310 99071516 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 120754392 61388414174 allow ip from any to any
65535 8 1016 deny ip from any to any

Roman Neuhauser wrote:

># mjoyner@hq.dyns.cx / 2002-10-09 13:21:25 -0400:
>
>>Ok, what causes the following events to occur and what do I do to fix
>>whatever is wrong?
>>
>>_MY_MACHINE_ is my machine
>>_ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers
>>I am running named.
>>
>>What additional information is needed? (if any)
>>What do I look at?
>>
>>Unusual System Events
>>=-=-=-=-=-=-=-=-=-=-=
>>Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53
>>Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597
>>Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53
>>Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from _ISP_NAMESERVER_02_:53
>>Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from _ISP_NAMESERVER_01_:53
>>Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3611
>>Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53
>>
>
> this means that you have a firewall that blocks incoming udp on port
> 53 on both the loopback and your nic.
>
> specifically, the blocked packets are replies to your dns queries.
>
> fix your firewall ruleset. the rule from my ipf ruleset:
>
> pass out quick on $if proto tcp/udp from $ip to any port = 53 keep state
>
> that "keep state" is what allows the responses back in.
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
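
A triage helper for the "Connection attempt" lines quoted in the thread above, added here as an example and not part of either poster's message: it separates the events whose UDP source port is 53 (the ones the reply identifies as DNS replies) from the rest, and counts them per answering server. The function names are hypothetical; the sample input is the log excerpt as posted, placeholders included.

```python
import re
from collections import Counter

# Log lines copied from the excerpt quoted in the thread, placeholders as posted.
SAMPLE_LOG = """\
Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53
Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597
Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53
Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from _ISP_NAMESERVER_02_:53
Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from _ISP_NAMESERVER_01_:53
Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3611
Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53
"""

# Matches the kernel's "Connection attempt" line; hosts may be IPs or placeholders.
LINE_RE = re.compile(
    r"Connection attempt to (?P<proto>UDP|TCP) "
    r"(?P<dst>\S+):(?P<dport>\d+) from (?P<src>\S+):(?P<sport>\d+)"
)


def parse(log_text):
    """Yield one dict per 'Connection attempt' line, with ports as integers."""
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            rec = m.groupdict()
            rec["dport"], rec["sport"] = int(rec["dport"]), int(rec["sport"])
            yield rec


def triage(log_text):
    """Split events into DNS replies (UDP, source port 53) and everything else."""
    dns_replies, other = Counter(), []
    for rec in parse(log_text):
        if rec["proto"] == "UDP" and rec["sport"] == 53:
            dns_replies[rec["src"]] += 1  # count per answering server
        else:
            other.append((rec["src"], rec["sport"], rec["dst"], rec["dport"]))
    return dns_replies, other


if __name__ == "__main__":
    replies, rest = triage(SAMPLE_LOG)
    for server, count in replies.most_common():
        print(f"{count:3d} events logged from {server}:53 (DNS replies)")
    for src, sport, dst, dport in rest:
        print(f"    not from port 53: {src}:{sport} -> {dst}:{dport}")
```

On the quoted excerpt, five of the seven events come from port 53; the two remaining ones are local traffic to UDP port 512 and need a separate explanation.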