From owner-freebsd-stable  Tue Jan 16 21: 4:11 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from rm-rstar.sfu.ca (rm-rstar.sfu.ca [142.58.120.21])
	by hub.freebsd.org (Postfix) with ESMTP id 1406C37B401
	for <freebsd-stable@FreeBSD.ORG>; Tue, 16 Jan 2001 21:03:54 -0800 (PST)
Received: from fraser.sfu.ca (tmchow@fraser.sfu.ca [142.58.101.25])
	by rm-rstar.sfu.ca (8.10.1/8.10.1/SFU-5.0H) with ESMTP id f0H53mi03230
	for <freebsd-stable@FreeBSD.ORG>; Tue, 16 Jan 2001 21:03:48 -0800 (PST)
Received: from localhost (tmchow@localhost)
	by fraser.sfu.ca (8.9.2/8.9.2/SFU-5.0C) with ESMTP id VAA18616
	for <freebsd-stable@FreeBSD.ORG>; Tue, 16 Jan 2001 21:03:47 -0800 (PST)
X-Authentication-Warning: fraser.sfu.ca: tmchow owned process doing -bs
Date: Tue, 16 Jan 2001 21:03:47 -0800 (PST)
From: Trevin Chow <tmchow@sfu.ca>
To: FreeBSD Stable <freebsd-stable@FreeBSD.ORG>
Subject: Can't Telnet but can SSH?
In-Reply-To: <200101170434.f0H4YWE18257@whizzo.transsys.com>
Message-ID: <Pine.GSO.4.30.0101162047370.15128-100000@fraser.sfu.ca>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


I think I'm having some problems with my firewall rules
regarding telnet and it may have to do with my NS setup.

1) Whenever I try to telnet to 2 external hosts (my university and another
host), I connect, and right before it displays the "login:" prompt,
it says "Connection closed by foreign host".

However, I can SSH to these same hosts.

2) I'm acting as my own NS for my domain.

On my freebsd box, if I do an `nslookup` and `set type=SOA`, and
enter my domain, everything is okay and it reports everything as expected.

However, on an external system, if I do the same thing, it says:
"can't find mydomain.com: Non-existent host/domain".

It should also be noted that if I do a regular `nslookup` WITHOUT `set
type=SOA`, then then it resolves to my correct IP on both internal and
external boxes.

Is there some type of firewall traffic that maybe I'm denying?
I'm using a default deny based firewalling system and the onyl rule I have
to allow DNS traffic in /etc/rc.firewall is:

add pass udp from any to ${oip} 53

Maybe I'm missing something?





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message