Date: 27 Oct 2002 15:24:07 +0000 From: Stacey Roberts <stacey@Demon.vickiandstacey.com> To: FreeBSD Questions <freebsd-questions@FreeBSD.ORG> Subject: dig . ns @b.root-servers.net - Connection refused. WHY? [related to FBSD 4.7 reset itself - lots of "DENY UDP" mess]ages in /var/log/security Message-ID: <1035732248.394.22.camel@Demon.vickiandstacey.com>
next in thread | raw e-mail | index | archive | help
--=-6fkM8by0js0fypiATIX8 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Hello, I don't know if this is related to post earlier today [FBSD 4.7 reset itself - lots of "DENY UDP" messages in /var/log/security], but I've been trying to trouble shoot the "DENY" messages in /var/log/security using dig: # dig . ns @b.root-servers.net ; <<>> DiG 8.3 <<>> . ns @b.root-servers.net=20 ; (1 server found) ;; res options: init recurs defnam dnsrch ;; res_nsend to server b.root-servers.net 128.9.0.107: Connection refused #=20 I get connection refused for this. Checking security: Oct 27 15:16:26 Demon /kernel: ipfw: 910 Deny UDP <snip>:1381 128.9.0.107:53 out via sis0 Oct 27 15:16:26 Demon /kernel: ipfw: 910 Deny UDP 1<snip>:1382 128.9.0.107:53 out via sis0 #=20 Verifying relevant ipfw rules: # Allow out access to Internet Domain name server $fwcmd add 00618 allow tcp from any to any 53 out via $oif setup keep-state=20 $fwcmd add 00619 allow udp from any to any 53 out via $oif setup keep-state Checking ipfw rule 910: $fwcmd add 00910 deny log logamount 500 ip from any to any Why am I not able to query root servers, given my rules 00618 & 00619?=20 I'd appreciate someone helping me out here., (or hitting me over the head if I'm missing something simple and glaringly obvious) TIA=20 Stacey --=20 Stacey Roberts B.Sc (HONS) Computer Science Web: www.vickiandstacey.com --=-6fkM8by0js0fypiATIX8 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQEVAwUAPbwFFZvQeubckvvXAQGdegf/cliHg/dhOkiueDXn/L1OUnxBus8ofRn+ YCbnpM2xDE5eXoH/5GsGsVF5+H4CAckmFuj8vcJvRbsg2VApHa5lIhSRjb/DXVbM x0jILmzcVANkkrTFqgkmq5UXOvEL/O66+4Pytz5uM7r9H9E8in7DzrHmdeEKKWdt pjGTpaMuEePgms10gGDHn47yEDWVYQ7M592vujQanve7dPCwDU8k+s77QSEX6Dji Ca754LL27oVtsR+ET1X+GybNFYPha9GLyuT0PiO8cQZN4bDMolDp6TRgHGsXQN5a 60sELSoWDxWztUrKrBGCAwTol5FcdMMkBwcibGHo4FOvYE7MenBiig== =Z2o1 -----END PGP SIGNATURE----- --=-6fkM8by0js0fypiATIX8-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1035732248.394.22.camel>