Date:      Wed, 17 Jan 2001 10:38:54 -0500 (EST)
From:      Marius <marius@mail.communityconnect.com>
To:        Trevin Chow <tmchow@sfu.ca>
Cc:        questions@freeBSD.org
Subject:   Re: Can't Telnet but can SSH?
Message-ID:  <Pine.BSF.4.21.0101171017540.42711-100000@utterlux.hq.communitconnect.com>
In-Reply-To: <Pine.GSO.4.30.0101162047370.15128-100000@fraser.sfu.ca>


(Redirecting to -questions, cause it goes there)

*chuckle*

	I think the other respondent to your post was correct, but let me
chime in to clarify things.  Most DNS queries and responses are 'udp'
unless the total transmission is of a certain size or larger, then they
are sent 'tcp.'  (I should know the cutoff point, but it is early in the
morning for me.)  So small transmissions, like just resolving your domain
name, were sent 'udp,' but when you asked for a 'SOA' record, the
transmission was too big, and thus it was in 'tcp.'
	As for the telnet sessions:  I assume other people can telnet to
the hosts you mention?  If so, from your description it sounds like you
have contacted the host, but somebody is refusing to some of the higher
port numbers to continue a normal telnet session.  It could be because
they can't resolve you correctly, but that is not the only possibility.



 On Tue, 16 Jan 2001, Trevin Chow wrote:

> 
> I think I'm having some problems with my firewall rules
> regarding telnet and it may have to do with my NS setup.
> 
> 1) Whenever I try to telnet to 2 external hosts (my university and another
> host), I connect, and right before it displays the "login:" prompt,
> it says "Connection closed by foreign host".
> 
> However, I can SSH to these same hosts.
> 
> 2) I'm acting as my own NS for my domain.
> 
> On my freebsd box, if I do an `nslookup` and `set type=SOA`, and
> enter my domain, everything is okay and it reports everything as expected.
> 
> However, on an external system, if I do the same thing, it says:
> "can't find mydomain.com: Non-existent host/domain".
> 
> It should also be noted that if I do a regular `nslookup` WITHOUT `set
> type=SOA`, then it resolves to my correct IP on both internal and
> external boxes.
> 
> Is there some type of firewall traffic that maybe I'm denying?
> I'm using a default deny based firewalling system and the only rule I have
> to allow DNS traffic in /etc/rc.firewall is:
> 
> add pass udp from any to ${oip} 53
> 
> Maybe I'm missing something?
> 
> 
> 
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
> 

---------------------
Marius 
Community Connect Inc.
Desk = 212.505.7511 ext: 222 (infrequently manned)
cell = 347.386.4345




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
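
The UDP-to-TCP fallback discussed in this thread, as an added example that is not part of the original messages: a DNS server that cannot fit its answer into the classic 512-byte UDP payload (RFC 1035, without EDNS0) sets the TC flag, and the client retries over TCP, which a firewall passing only udp to port 53 will drop. The function names, the `example.com` name and the sample responses are constructed for illustration.

```python
import struct

UDP_LIMIT = 512   # max DNS payload over plain UDP (RFC 1035, no EDNS0)
TC_BIT = 0x0200   # "truncated" flag in the DNS header flags word


def make_response(qname: str, n_answers: int) -> bytes:
    """Constructed sample: a response carrying n_answers 4-byte A records."""
    name = b"".join(bytes([len(p)]) + p.encode() for p in qname.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", 0x1234, 0x8400, 1, n_answers, 0, 0)
    question = name + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    # One record: compressed name pointer, TYPE, CLASS, TTL, RDLENGTH, address.
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([192, 0, 2, 1])
    return header + question + rr * n_answers


def udp_reply(full: bytes) -> bytes:
    """What the server sends over UDP: truncate and set TC if over the limit."""
    if len(full) <= UDP_LIMIT:
        return full
    ident, flags, qd, _an, _ns, _ar = struct.unpack("!HHHHHH", full[:12])
    # Keep header and question only, zero the record counts, set TC.
    qend = full.index(b"\x00", 12) + 5  # name terminator + QTYPE + QCLASS
    return struct.pack("!HHHHHH", ident, flags | TC_BIT, qd, 0, 0, 0) + full[12:qend]


def is_truncated(msg: bytes) -> bool:
    """True when the TC flag is set in the DNS header."""
    return bool(struct.unpack("!H", msg[2:4])[0] & TC_BIT)


def lookup(full: bytes, tcp_53_allowed: bool) -> str:
    """Client view: UDP first, retry over TCP only when TC is set."""
    reply = udp_reply(full)
    if not is_truncated(reply):
        return "answered over udp"
    return "answered over tcp" if tcp_53_allowed else "failed: tcp/53 blocked"


if __name__ == "__main__":
    small = make_response("example.com", 1)    # fits in one UDP datagram
    large = make_response("example.com", 40)   # exceeds 512 bytes
    for label, msg in (("small", small), ("large", large)):
        for tcp_ok in (False, True):
            print(label, len(msg), "tcp allowed:", tcp_ok, "->", lookup(msg, tcp_ok))
```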



