On Mon, 12 Dec 2011 08:10:13 +0000 (GMT), Gabriel Avramescu wrote:
>
> Hi,
Hi,
>>
>>
>>I have two problems with Bind:
>>1. When connected to the host itself, it resolves any DNS request for me
>> (using nslookup). Queries made by other stations to this host
>> are not resolved.
I assume the stations are in the subnets defined in recursive_subnets
:)
I ask because you also have ___allow-query { "recursive_subnets"; };___ so
it's not only recursive queries but all of them.
A tcpdump (on the server) helps wonderfully here.
You can also set up some logging.
Example below:
logging {
        // defined here but not referenced by any category below
        channel "ddns" {
                file "/var/log/named/ddns.log" size 2m;
                print-category yes;
                severity dynamic;
        };
        // receives the "queries" category: one line per query
        channel query {
                file "/var/log/named/query.log" versions 2 size 2m;
        };
        // receives everything that has no category of its own
        channel rest {
                file "/var/log/named/rest.log" versions 2 size 2m;
        };
        category lame-servers { null; };
        category "queries" { query; };
        category "default" { rest; };
};
and look in the logs.
>>[root@ns3 ~]# iptables -L -n
Personally I don't really understand your iptables setup, but anyway...
>>Chain INPUT (policy ACCEPT)
>>target prot opt source destination
>>ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
>> RELATED,ESTABLISHED
>>ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
>>ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Is this really ALL ALL? Note that iptables sometimes doesn't show you the
interface with -L -n (try it with -v -x as well, perhaps).
>>ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
>> NEW tcp dpt:22
>>REJECT all -- 0.0.0.0/0 0.0.0.0/0
>> reject-with icmp-host-prohibited
Make a logging chain and see if anything shows up there...
2.
>>Dec 9 14:57:32 ns3 named[2184]: dumping master file: tmp-12SgbfA9Jf:
>> open: permission denied
>>Dec 9 14:57:32 ns3 named[2184]: transfer of '.ro/IN'
>> from Ip_master#53: failed while receiving responses: permission denied
You have everything you need right here :)
open: permission denied. It needs to create a tmp file and can't. Are you
sure you have all the permissions where you keep your slave zones?
misu
_______________________________________________
RLUG mailing list
[email protected]
http://lists.lug.ro/mailman/listinfo/rlug
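
The allow-query point from the reply above, as an added example that is not part of the original message: a small checker that reads a named.conf fragment and reports whether a given client address would be answered or refused. The fragment and its subnets are constructed sample values; only the ACL name recursive_subnets and the allow-query statement come from the thread, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed fragment: the addresses are sample values, not the poster's config.
SAMPLE_CONF = '''
acl "recursive_subnets" { 127.0.0.1; 192.0.2.0/24; !198.51.100.7; 198.51.100.0/24; };
options {
    allow-query { "recursive_subnets"; };
    allow-recursion { "recursive_subnets"; };
};
'''

def parse_acls(conf):
    """Return {acl_name: [(negated, network), ...]} for plain IP/CIDR ACLs."""
    acls = {}
    for name, body in re.findall(r'acl\s+"?([\w-]+)"?\s*\{([^}]*)\}', conf):
        elems = []
        for item in filter(None, (e.strip() for e in body.split(';'))):
            negated = item.startswith('!')
            net = ipaddress.ip_network(item.lstrip('!').strip(), strict=False)
            elems.append((negated, net))
        acls[name] = elems
    return acls

def statement_acl(conf, statement):
    """Name of the single ACL referenced by e.g. allow-query { "x"; };"""
    pattern = re.escape(statement) + r'\s*\{\s*"?([\w-]+)"?\s*;\s*\}'
    m = re.search(pattern, conf)
    return m.group(1) if m else None

def acl_allows(elems, client):
    """Address match lists are first-match; a negated match rejects."""
    addr = ipaddress.ip_address(client)
    for negated, net in elems:
        if addr in net:
            return not negated
    return False  # no element matched

def query_verdict(conf, client):
    """'answered' or 'REFUSED' for any query (recursive or not) from client."""
    name = statement_acl(conf, 'allow-query')
    if name is None:
        return 'answered'  # without allow-query, BIND defaults to "any"
    return 'answered' if acl_allows(parse_acls(conf)[name], client) else 'REFUSED'

if __name__ == '__main__':
    for ip in ('127.0.0.1', '192.0.2.55', '198.51.100.7', '203.0.113.9'):
        print(ip, query_verdict(SAMPLE_CONF, ip))
```

With this fragment, a lookup run on the server itself is answered, while a station outside the listed subnets is refused for every query type, which matches the symptom described in the thread.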