Date:      Tue, 5 Feb 2002 07:54:42 +1100
From:      Edwin Groothuis <edwin@mavetju.org>
To:        jacks@sage-american.com
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Firewall Denies - w/info
Message-ID:  <20020205075442.O1599@k7.mavetju.org>
In-Reply-To: <3.0.5.32.20020204135700.01917078@mail.sage-american.com>; from jacks@sage-american.com on Mon, Feb 04, 2002 at 01:57:00PM -0600
References:  <3.0.5.32.20020204135700.01917078@mail.sage-american.com>

On Mon, Feb 04, 2002 at 01:57:00PM -0600, jacks@sage-american.com wrote:
> Sheesh! Here are the denies with the questions again. Sorry!
> I'm getting a lot of these "denies" of outgoing UDP shown in my firewall
> log. The lookups show they are NSLs or root.servers, but not MY
> nameservers. Many are on port 1024, but not always (some on the samba ports).
> 
> Also, some try to go out on port 53, but not to MY nameservers....
>
> Since it looks like the requests are coming from my machines, they look
> harmless & wonder if I need the requests, and what could be asking for the
> info. Does anyone know what these are for...??? ...or what is asking for
> the info?
> 
> Deny UDP 64.xxx.xx.xxx:1024 198.41.0.4:53 out via tun0
> Deny UDP 64.xxx.xx.xxx:1024 192.203.230.10:53 out via tun0
> Deny UDP 64.xxx.xx.xxx:1024 192.36.148.17:53 out via tun0
> Deny UDP 64.xxx.xx.xxx:1024 198.32.64.12:53 out via tun0

These are *from* your nameserver-process to the root-nameservers.
That's how the protocol is designed and works. Just open all the
ports from your nameserver to everywhere port 53, on both tcp and
udp, and your nameserver will work fine.

Edwin

-- 
Edwin Groothuis   |              Personal website: http://www.MavEtJu.org
edwin@mavetju.org |           Interested in MUDs? Visit Fatal Dimensions:
------------------+                       http://www.FatalDimensions.org/
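
Added example, not part of the original message: a small triage script for deny lines in the format quoted above, separating outbound queries to port 53 (the nameserver traffic described in the reply) from the other denied UDP the question mentions. The lines marked constructed, the 192.0.2.x addresses, and the reading of "the samba ports" as 137-139 are assumptions.

```python
import re
from collections import Counter

# Line format as quoted in the post; the masked source address is matched loosely.
LINE_RE = re.compile(
    r"Deny\s+(?P<proto>UDP|TCP)\s+(?P<src>\S+):(?P<sport>\d+)\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3}):(?P<dport>\d+)\s+"
    r"(?P<dir>in|out)\s+via\s+(?P<iface>\S+)"
)
NETBIOS_PORTS = {137, 138, 139}  # assumption: what the post calls "the samba ports"

def classify(line):
    """Return (category, dst, dport) for a deny line, or None if it does not parse."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    sport, dport = int(m["sport"]), int(m["dport"])
    if m["dir"] == "out" and dport == 53:
        category = "dns-query"   # a resolver querying another nameserver
    elif sport in NETBIOS_PORTS or dport in NETBIOS_PORTS:
        category = "netbios"
    else:
        category = "other"
    return category, m["dst"], dport

def summarize(lines):
    """Count denies per category and collect the distinct DNS destinations."""
    counts, dns_destinations = Counter(), set()
    for line in lines:
        parsed = classify(line)
        if parsed is None:
            continue
        category, dst, _ = parsed
        counts[category] += 1
        if category == "dns-query":
            dns_destinations.add(dst)
    return counts, sorted(dns_destinations)

SAMPLE = [
    "Deny UDP 64.xxx.xx.xxx:1024 198.41.0.4:53 out via tun0",       # from the post
    "Deny UDP 64.xxx.xx.xxx:1024 192.203.230.10:53 out via tun0",   # from the post
    "Deny UDP 64.xxx.xx.xxx:1024 192.36.148.17:53 out via tun0",    # from the post
    "Deny UDP 64.xxx.xx.xxx:1024 198.32.64.12:53 out via tun0",     # from the post
    "Deny UDP 64.xxx.xx.xxx:137 192.0.2.10:137 out via tun0",       # constructed
    "Deny UDP 64.xxx.xx.xxx:1024 192.0.2.20:4000 out via tun0",     # constructed
    "unrelated syslog line",                                         # constructed
]

if __name__ == "__main__":
    counts, destinations = summarize(SAMPLE)
    print(dict(counts))
    print("DNS destinations to cover with an allow rule:", destinations)
```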
