From owner-freebsd-questions Wed Oct 9 10:56:16 2002
Date: Wed, 9 Oct 2002 19:56:02 +0200
From: Roman Neuhauser
To: Wolfieee
Cc: freebsd-questions@freebsd.org
Subject: Re: UDP Port 53 Log In Vain Messages
Message-ID: <20021009175601.GL51897@freepuppy.bellavista.cz>
References: <3DA46595.8000801@hq.dyns.cx>
In-Reply-To: <3DA46595.8000801@hq.dyns.cx>

# mjoyner@hq.dyns.cx / 2002-10-09 13:21:25 -0400:
> Ok, what causes the following events to occur and what do I do to fix
> whatever is wrong?
>
> _MY_MACHINE_ is my machine
> _ISP_NAMESERVER_01_ and _ISP_NAMESERVER_02_ are my ISP's nameservers
> I am running named.
>
> What additional information is needed? (if any)
> What do I look at?
>
> Unusual System Events
> =-=-=-=-=-=-=-=-=-=-=
> Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53
> Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597
> Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53
> Oct 9 09:01:14 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3553 from _ISP_NAMESERVER_02_:53
> Oct 9 09:01:17 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3554 from _ISP_NAMESERVER_01_:53
> Oct 9 09:01:23 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3611
> Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53

this means that you have a firewall that blocks incoming udp on port 53
on both the loopback and your nic. specifically, the blocked packets
are replies to your dns queries. fix your firewall ruleset. the rule
from my ipf ruleset:

    pass out quick on $if proto tcp/udp from $ip to any port = 53 keep state

that "keep state" is what allows the responses back in.

-- 
begin 666 nonexistent.vbs
FreeBSD 4.7-RC
7:48PM up 22 days, 3:03, 18 users, load averages: 0.43, 0.26, 0.15
end
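
An added example, not part of the original message: a Python triage of the log format quoted in the question. It separates entries arriving from source port 53 (the DNS replies the answer refers to) from everything else, such as the loopback traffic to port 512. The function names and the 1024 port threshold are assumptions made for this example; the sample lines are copied from the excerpt with its placeholders, plus one constructed unrelated line.

```python
import re
from collections import Counter

# Message format as it appears in the log excerpt quoted above.
LINE_RE = re.compile(
    r"Connection attempt to (?P<proto>UDP|TCP) "
    r"(?P<dst>\S+):(?P<dport>\d+) from (?P<src>\S+):(?P<sport>\d+)"
)

# Sample input: four lines from the excerpt (placeholders kept) and one
# constructed line that must be ignored by the parser.
SAMPLE = """\
Oct 9 09:01:01 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3550 from _ISP_NAMESERVER_02_:53
Oct 9 09:01:03 hq /kernel: Connection attempt to UDP _LOCALHOST_:512 from _LOCALHOST_:3597
Oct 9 09:01:06 hq /kernel: Connection attempt to UDP _MY_MACHINE_:3551 from _ISP_NAMESERVER_01_:53
Oct 9 09:01:24 hq /kernel: Connection attempt to UDP _LOCALHOST_:3548 from _LOCALHOST_:53
Oct 9 09:02:00 hq /kernel: unrelated kernel message (constructed)
"""

def parse(line):
    """Return a dict for a 'Connection attempt' line, or None for anything else."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    ev = m.groupdict()
    ev["dport"] = int(ev["dport"])
    ev["sport"] = int(ev["sport"])
    return ev

def classify(ev):
    """'dns-reply' = UDP from source port 53 to a high (>= 1024, assumed) port."""
    if ev["proto"] == "UDP" and ev["sport"] == 53 and ev["dport"] >= 1024:
        return "dns-reply"
    return "other"

def triage(text):
    """Count DNS-reply entries per sending host; collect the rest for review."""
    replies, other = Counter(), []
    for line in text.splitlines():
        ev = parse(line)
        if ev is None:
            continue
        if classify(ev) == "dns-reply":
            replies[ev["src"]] += 1
        else:
            other.append(ev)
    return replies, other

if __name__ == "__main__":
    replies, other = triage(SAMPLE)
    print("DNS replies by source:", dict(replies))
    print("Other entries:", [(e["src"], e["sport"], e["dst"], e["dport"]) for e in other])
```

Entries counted as DNS replies are the ones a stateful outbound rule like the quoted `keep state` rule is meant to match; entries in the other bucket need separate investigation.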