Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

ipchains and djbdns

  • 21-11-2002 4:40pm
    #1
    Draco
    Subscribers Posts: 1,911 ✭✭✭


    Has anyone gotten djbdns working with ipchians?
    Google isn't turning up much for me.


Comments

  • #2
    regi
    Registered Users, Registered Users 2 Posts: 3,281 ✭✭✭regi


    what problem are you having exactly?


  • #3
    Draco
    Subscribers Posts: 1,911 ✭✭✭Draco


    When I have ipchains on it can't resolve addresses.

    dnsip www.cnn.com
    dnsip: fatal: unable to find IP address for [url]www.cnn.com:[/url] connection refused

    With ipchains off it can:
    dnsip www.cnn.com
    64.236.24.4 64.236.16.116 64.236.16.84 64.236.16.52 64.236.24.28 64.236.16.20 64.236.24.12 64.236.24.20

    Output of ipchians -L is:
    Chain input (policy ACCEPT):
    target prot opt source destination ports
    ACCEPT tcp -y---- anywhere anywhere any -> ssh
    ACCEPT tcp -y---- anywhere anywhere any -> smtp
    ACCEPT udp
    149.157.140.50 anywhere domain -> any
    REJECT tcp -y---- anywhere anywhere any -> any
    REJECT udp
    anywhere anywhere any -> any
    Chain forward (policy ACCEPT):
    Chain output (policy ACCEPT):
    target prot opt source destination ports
    ACCEPT udp
    149.157.140.50 anywhere 1024:65535 -> any
    ACCEPT tcp -y---- 149.157.140.50 anywhere 1024:65535 -> any


  • #4
    longword
    Closed Accounts Posts: 741 ✭✭✭longword


    Where's your ipchains rule to allow back in the responses to your DNS queries?

    BTW, you really should drag yourself into the 21st century and start using iptables instead. The connection tracking makes it easier to deal with and at the same time more secure.


Advertisement