On Fri, Feb 15, 2013 at 1:13 PM, Andrew Beverley <andy@xxxxxxxxxxx> wrote:
> On Fri, 2013-02-15 at 12:28 -0500, John Corps wrote:
>> Very odd...put on a simple logging of
>> iptables -A INPUT -i eth1 -j LOG --log-prefix "DNS TEST INPUT drop: "
>>
>> getting nothing in the logs...this is mind baffling. Even with TCPDUMP
>> not seeing any packets unless I set client DNS to local IP of server,
>> the 192.168.1.2 DNS, set it to Google for a test of 8.8.8.8 and get
>> nothing in logs or with tcpdump.
>
> What's your network topology? Any chance that the packets are not being
> routed through your server?
>

I wouldn't think they wouldn't be getting routed through, as all the test devices are on the same switch and all on the same VLAN. It's simply a switch: the server I'm trying iptables with is plugged into port 1, which is untagged on VLAN 1000, and the client PC is on port 2, which is also untagged on VLAN 1000. There is no uplink to any other switch or router etc., just this switch and 2 devices plugged into it.

Since the 1 client PC is Windows, I haven't got dig on that to test, but doing a simple nslookup with DNS statically configured on the NIC to 8.8.8.8, it's trying to go to that one and gets timed out, but doing nslookup pointing to the 192.168.1.2, which has the iptables rules, gives me back the right IP.