Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 9 Oct 2002 19:56:02 +0200
From:      Roman Neuhauser <neuhauser@bellavista.cz>
To:        Wolfieee <mjoyner@hq.dyns.cx>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: UDP Port 53 Log In Vain Messages
Message-ID:  <20021009175601.GL51897@freepuppy.bellavista.cz>
In-Reply-To: <3DA46595.8000801@hq.dyns.cx>
References:  <3DA46595.8000801@hq.dyns.cx>
next in thread | previous in thread | raw e-mail | index | archive | help 
# mjoyner@hq.dyns.cx / 2002-10-09 13:21:25 -0400:
> Ok, what causes the following events to ocurr and what do I do to fix 
> whatever is wrong?
> 
> _MY_MACHINE_ is my machine
> _ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers
> I am running named.
> 
> What additional information is needed? (if any)
> What do I look at?
> 
> Unusual System Events
> =-=-=-=-=-=-=-=-=-=-=
> Oct  9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53
> Oct  9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597
> Oct  9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53
> Oct  9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from _ISP_NAMESERVER_02_:53
> Oct  9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from _ISP_NAMESERVER_01_:53
> Oct  9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3611
> Oct  9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53

    this means that you have a firewall that blocks incoming udp on port
    53 on both the loopback and your nic.

    specifically, the blocked packets are replies to your dns queries.

    fix your firewall ruleset. the rule from my ipf ruleset:

    pass  out quick on $if proto tcp/udp from $ip to any port = 53 keep state

    that "keep state" is what allows the responses back in.

-- 
begin 666 nonexistent.vbs
FreeBSD 4.7-RC
7:48PM up 22 days, 3:03, 18 users, load averages: 0.43, 0.26, 0.15
end

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021009175601.GL51897>