I am using what I believe to be a "stateful" packet filter.. wherein I
specifically allow certain things (mail/ssh/http/https) then allow
"related or established" .. then block all others.. however, I seem to
have this problem with DNS.. the system blocks responses to its own
queries.. Do I need to explicitly trust udp srcprt 53 connections from my
DNS server? This is someone else's machine that I dropped my firewall
config onto.. I don't get these errors on my machine (but then mine is RH
8.0). Any ideas?

From 64.81.111.2 - 33 packets
To 64.81.102.28 - 33 packets
Service: 32926 (udp/32926) (REJECTED:,eth0,none) - 1 packet
Service: 32983 (udp/32983) (REJECTED:,eth0,none) - 1 packet
Service: 33237 (udp/33237) (REJECTED:,eth0,none) - 1 packet
Service: 33306 (udp/33306) (REJECTED:,eth0,none) - 1 packet
Service: 33431 (udp/33431) (REJECTED:,eth0,none) - 3 packets
Service: 33550 (udp/33550) (REJECTED:,eth0,none) - 1 packet
Service: 33697 (udp/33697) (REJECTED:,eth0,none) - 2 packets
Service: 33738 (udp/33738) (REJECTED:,eth0,none) - 1 packet
Service: 33828 (udp/33828) (REJECTED:,eth0,none) - 1 packet
Service: 57335 (udp/57335) (REJECTED:,eth0,none) - 2 packets
Service: 57426 (udp/57426) (REJECTED:,eth0,none) - 2 packets
Service: 57963 (udp/57963) (REJECTED:,eth0,none) - 2 packets
Service: 58074 (udp/58074) (REJECTED:,eth0,none) - 2 packets
Service: 58659 (udp/58659) (REJECTED:,eth0,none) - 1 packet
Service: 58853 (udp/58853) (REJECTED:,eth0,none) - 2 packets
Service: 58879 (udp/58879) (REJECTED:,eth0,none) - 1 packet
Service: 59114 (udp/59114) (REJECTED:,eth0,none) - 1 packet
Service: 59442 (udp/59442) (REJECTED:,eth0,none) - 2 packets
Service: 59597 (udp/59597) (REJECTED:,eth0,none) - 2 packets
Service: 59813 (udp/59813) (REJECTED:,eth0,none) - 1 packet
Service: 60316 (udp/60316) (REJECTED:,eth0,none) - 1 packet
Service: 60628 (udp/60628) (REJECTED:,eth0,none) - 1 packet
Service: 60886 (udp/60886) (REJECTED:,eth0,none) - 1 packet
**Unmatched Entries**
client 64.81.102.28 error sending response: host unreachable: 32 Time(s)
--
Tommy McNeely -- Tommy.McNeely@xxxxxxx
Sun Microsystems -- IT CTO
Phone/Fax: x51837 / 303-395-3361
--
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list