From owner-freebsd-questions@FreeBSD.ORG Sun Oct 26 04:29:36 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F6F316A4BF for ; Sun, 26 Oct 2003 04:29:36 -0800 (PST) Received: from mail.liwing.de (mail.liwing.de [213.70.188.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id A1A9143FAF for ; Sun, 26 Oct 2003 04:29:34 -0800 (PST) (envelope-from rehsack@liwing.de) Received: (qmail 67988 invoked from network); 26 Oct 2003 12:29:33 -0000 Received: from stingray.liwing.de (HELO liwing.de) ([213.70.188.164]) (envelope-sender ) by mail.liwing.de (qmail-ldap-1.03) with SMTP for ; 26 Oct 2003 12:29:33 -0000 Message-ID: <3F9BBE2D.2040402@liwing.de> Date: Sun, 26 Oct 2003 12:29:33 +0000 From: Jens Rehsack User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.5) Gecko/20031022 X-Accept-Language: de-de, de, en-us, en MIME-Version: 1.0 To: Vladimir References: <1225931937.20031025184822@aaanet.ru> <3F9AA3D8.9000303@liwing.de> <5714575171.20031026145709@aaanet.ru> In-Reply-To: <5714575171.20031026145709@aaanet.ru> Content-Type: text/plain; charset=windows-1251; format=flowed Content-Transfer-Encoding: 8bit cc: questions@freebsd.org Subject: Re: Bind 9.2.3rc4 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Oct 2003 12:29:36 -0000 Vladimir wrote: > Здравствуйте, Jens. Здравствуйте Vladimir, you've forgotten to cc questions@ - added. > Вы писали 25 октября 2003 г., 19:24:56: > > JR> Vladimir wrote: > >>>Hi, freebsd-questions. >>>;; res_nsend: Operation timed out > > JR> Furthermore I don't use acl's, I'm using packet filtering. > > ? You have 2 lines with defined acl's in your config and allow only for requests matching the one of the list entries. If I were in your situation, I would remove them for testing to see whether it works than or not. I don't have any experience with access control within bind, so I cannot tell you if it's correct. I you ipf to block request not coming from 10.62.10.0/24 or 127.0.0.0/8 to this machine. > JR> $ dig 127.0.0.1 > JR> ; <<>> DiG 8.3 <<>> 127.0.0.1 > ... > JR> ;; MSG SIZE sent: 27 rcvd: 102 > > Not working. Try to connect to internet and see if it works fine than. If it does, either your /etc/resolve.conf is wrong or your access restriction are. > JR> As you can see here, my server responds. You should check your logfiles > JR> to see why your server denied to answer the request. Maybe you have to > JR> increase the verbosity for it. > > How i can do it? named(8) tells you :-) > Maybe something wrong in my configs? > > And why mc start so long? I know that because of named, bucaese when I > stop it mc start quikly. First assumtion of me is your acl's. If they're not, we'll look deeper :-) Regards, Jens