Date: Mon, 27 Oct 2003 09:34:19 +0000 From: Jens Rehsack <rehsack@liwing.de> To: Vladimir <haba@aaanet.ru> Cc: questions@freebsd.org Subject: Re: Bind 9.2.3rc4 Message-ID: <3F9CE69B.1040501@liwing.de> In-Reply-To: <1245107859.20031027122032@aaanet.ru> References: <1225931937.20031025184822@aaanet.ru> <3F9AA3D8.9000303@liwing.de> <5714575171.20031026145709@aaanet.ru> <3F9BBE2D.2040402@liwing.de> <1245107859.20031027122032@aaanet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
Vladimir wrote: > Hi, Jens. Hi Vladimir, > JR> You have 2 lines with defined acl's in your config and allow > JR> only for requests matching the one of the list entries. > JR> If I were in your situation, I would remove them for testing > JR> to see whether it works than or not. I don't have any experience > JR> with access control within bind, so I cannot tell you if it's > JR> correct. I you ipf to block request not coming from 10.62.10.0/24 or > JR> 127.0.0.0/8 to this machine. > > I remove all acl's and changed all allow- but dig 127.0.0.1 do not > work. I removed all allow- but it do not work. :-( And restarted you server? Ok, start the named within a script(1) with '-d'. Then it will print whatever it does. On another terminal, start a request, eg. 'dig'. If you cannot find sth. mysterious or unwanted in the output, attach the log. >>>JR> $ dig 127.0.0.1 >>>JR> ; <<>> DiG 8.3 <<>> 127.0.0.1 >>>... >>>JR> ;; MSG SIZE sent: 27 rcvd: 102 >>>Not working. > > JR> Try to connect to internet and see if it works fine than. > Not working. :-( > > JR> If it does, either your /etc/resolve.conf is wrong > > search habanet.local > domain habanet.local > nameserver 192.168.1.4 > > Is it right? I think so. > JR> or your access restriction are. > > >>>JR> As you can see here, my server responds. You should check your logfiles >>>JR> to see why your server denied to answer the request. Maybe you have to >>>JR> increase the verbosity for it. >>> >>>How i can do it? > > JR> named(8) tells you :-) > > You talking about -d option or about "logging"? At first about the '-d' option. >>>Maybe something wrong in my configs? >>>And why mc start so long? I know that because of named, bucaese when I >>>stop it mc start quikly. > > JR> First assumtion of me is your acl's. If they're not, we'll look > JR> deeper :-) > > Problem not in acl. Your the expert :-) No - as long as it doesn't work, the config should be reduced to minimum. Maybe the acl's aren't the problem, maybe they aren't the only one. Maybe they are the only one which is not wrong? Would you please be so kind and attach the config files next time you reply? Jens
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F9CE69B.1040501>