This problem has got me stumped!!!! I have netfilter set up (v 1.2.8.13) on a Fedora Core 1 box. It seems to be working fine except that it is dropping DNS requests from XP clients. Win2K and NT clients work fine. If I do an nslookup on the XP box it resolves names fine. If I try to connect it will connect once or twice, but then iptables starts dropping all the DNS requests on their way out.
Here's a syslog entry.
Jun 14 10:00:31 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.19 DST=***.***.***.*** LEN=61 TOS=0x00 PREC=0x00 TTL=127 ID=26601 PROTO=UDP SPT=1029 DPT=53 LEN=41
Well, it seems that you are logging it. Why do you think iptables is not the source of the log message you showed above?
If you are logging this from iptables, then you could add something like: ... -j LOG --log-prefix "IPT DNS REJ " to confirm the rule involved.
Perhaps knowing the rule involved would provide some insight?
You could also look at the counts, using: iptables -L -nvx to see if you can identify the rule that way.
I think I had an XP related problem that resulted from being very fussy about dns connections. I think XP uses a varying high source port, like the 1029 your log shows, and I think that may be unusual.
Is it possible that you have rules that might block UDP source ports in this range?
Jim
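As an added example that is not part of this thread, the script below applies the two suggestions in the reply offline: it parses netfilter LOG lines (with or without a --log-prefix) out of a syslog file, counts the outbound UDP/53 hits per prefix so you can see which rule is logging them, and checks whether every logged query used a source port in the 1025 to 5000 range that Windows XP draws its ephemeral ports from. The sample log lines are constructed for the example (the DST address is a TEST-NET address, not the poster's), and the interface names (eth1 = LAN, eth0 = WAN) and the 1025 to 5000 range are assumptions, not something the thread states.

```python
#!/usr/bin/env python3
"""Pull netfilter LOG lines out of syslog and summarise dropped outbound DNS queries."""
import re
import sys
from collections import Counter

# Constructed sample log lines for offline use. Line 1 mirrors the format of the
# entry in the post (no prefix); lines 2-3 show what a rule with
# --log-prefix "IPT DNS REJ " produces; line 4 is a non-DNS hit; line 5 is not a LOG line.
SAMPLE_LOG = """\
Jun 14 10:00:31 fw kernel: IN=eth1 OUT=eth0 SRC=192.168.0.19 DST=192.0.2.53 LEN=61 TOS=0x00 PREC=0x00 TTL=127 ID=26601 PROTO=UDP SPT=1029 DPT=53 LEN=41
Jun 14 10:00:32 fw kernel: IPT DNS REJ IN=eth1 OUT=eth0 SRC=192.168.0.19 DST=192.0.2.53 LEN=61 TOS=0x00 PREC=0x00 TTL=127 ID=26602 PROTO=UDP SPT=1030 DPT=53 LEN=41
Jun 14 10:00:33 fw kernel: IPT DNS REJ IN=eth1 OUT=eth0 SRC=192.168.0.19 DST=192.0.2.53 LEN=61 TOS=0x00 PREC=0x00 TTL=127 ID=26603 PROTO=UDP SPT=1031 DPT=53 LEN=41
Jun 14 10:00:34 fw kernel: IPT WEB DROP IN=eth1 OUT=eth0 SRC=192.168.0.19 DST=192.0.2.80 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=26604 DF PROTO=TCP SPT=1032 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
Jun 14 10:00:35 fw sshd[1234]: Accepted publickey for root from 192.168.0.5 port 40001 ssh2
"""

# Everything between "kernel:" and the first "IN=" is the --log-prefix (possibly empty).
PREFIX_RE = re.compile(r"kernel:\s*(?P<prefix>.*?)\s*IN=")
# The LOG target writes KEY=value pairs; bare flags such as DF or SYN have no "=" and are skipped.
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_log_line(line):
    """Return {'prefix': ..., 'IN': ..., 'OUT': ..., 'SRC': ..., ...} for a LOG line, else None."""
    m = PREFIX_RE.search(line)
    if m is None:
        return None
    start = m.end() - len("IN=")          # rewind so the IN= field itself is captured
    fields = {"prefix": m.group("prefix")}
    for key, val in FIELD_RE.findall(line[start:]):
        if key == "LEN" and "LEN" in fields:
            key = "LEN2"                  # second LEN is the UDP/TCP length, first is the IP length
        fields.setdefault(key, val)
    return fields


def is_outbound_dns_query(f, lan_if="eth1", wan_if="eth0"):
    """LAN-to-WAN UDP with destination port 53, i.e. a client DNS query leaving the box."""
    return (f.get("IN") == lan_if and f.get("OUT") == wan_if
            and f.get("PROTO") == "UDP" and f.get("DPT") == "53")


def summarize_dns_drops(lines, lan_if="eth1", wan_if="eth0"):
    """Count outbound DNS hits per log prefix and collect the source ports they used."""
    per_prefix = Counter()
    sports = set()
    for line in lines:
        f = parse_log_line(line)
        if f and is_outbound_dns_query(f, lan_if, wan_if):
            per_prefix[f["prefix"]] += 1
            sports.add(int(f["SPT"]))
    return per_prefix, sports


def matches_high_sport_theory(sports, low=1025, high=5000):
    """True when every logged query used a port in the assumed XP ephemeral range (1025-5000),
    which is what you would expect if a rule is filtering on UDP source port."""
    return bool(sports) and all(low <= p <= high for p in sports)


if __name__ == "__main__":
    # Usage: dns_drops.py /var/log/messages   (falls back to the constructed sample)
    lines = open(sys.argv[1]).read().splitlines() if len(sys.argv) > 1 else SAMPLE_LOG.splitlines()
    per_prefix, sports = summarize_dns_drops(lines)
    for prefix, n in per_prefix.most_common():
        print(f"{n:6d}  prefix={prefix!r}")
    print("source ports:", sorted(sports))
    print("all in assumed XP ephemeral range:", matches_high_sport_theory(sports))
```

Hits with an empty prefix come from a LOG rule that has no --log-prefix, which is why the reply suggests adding one: once each LOG rule carries a distinct prefix, the per-prefix counts tell you which rule the XP queries are falling through, and the source-port set shows whether they all sit above 1024.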