Re: suddenly bind and access to NNTP server (localhost) doesn't work
Hi, On Monday 03 November 2003 15:40, Andreas Klemm wrote: > I found the culprit, for my eyes its a problem with ipfw. I'm not sure with your assumption. I also have severe problems with 5.1-CURRENT of Nov-2-2003 but my firewall-rule is working: 00100 76 9542 allow ip from any to any via lo0 My system always panics during shutdown with the 'named'-process, just like Peter reported it in "Panics and stuff.." from Sun, 2 Nov 2003 22:48:34 +0100... OK, I *did* read UPDATING, so I portupgraded dns/bind9 but that didn't help. So I used /usr/sbin/named, but the same things happen. I *can* shutdown to singleusermode, umount all filesystems, remount / 'ro' and reboot from there - but the regular 'shutdown -r now' panics with named. I'm no developer, so I go back to current of Okt 29, hoping that this works - my last working current until last Saturday was from Okt 25... Ciao/BSD - Matthias Matthias Schuendehuette , Berlin (Germany) PGP-Key at and ID: 0xDDFB0A5F ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: suddenly bind and access to NNTP server (localhost) doesn't work
On Mon, Nov 03, 2003 at 06:18:49AM -0800, Will Andrews wrote: > On Mon, Nov 03, 2003 at 01:47:06PM +0100, Andreas Klemm wrote: > > Since about 2 days I can't make dns queries via local nameserver. > > To get dns requests I need to add my forwarders in /etc/resolv.conf. > > I've noticed this before (on FreeBSD 4.8), then realized my ISP > was blocking 53/TCP. I found the culprit, for my eyes its a problem with ipfw. Look here: on titan the rule 100 doesn't work anymore for (for me) unknown reason: 00100 0 0 allow ip from any to any via lo0 00200 3 180 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 133 75074 allow ip from any to any 65535 21787 2611732 deny ip from any to any FreeBSD titan.klemm.apsfilter.org 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Sun Oct 19 16:33:53 CEST 2003 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/TITAN i386 [EMAIL PROTECTED] ~ ll /sbin/ipfw -r-xr-xr-x 1 root wheel 482184 2 Nov 21:26 /sbin/ipfw On my Laptop aklemm the rule 100 (firewall type "open") works: 00100 206 20504 allow ip from any to any via lo0 002000 0 deny ip from any to 127.0.0.0/8 003000 0 deny ip from 127.0.0.0/8 to any 65000 9498 3688895 allow ip from any to any 655350 0 deny ip from any to any [EMAIL PROTECTED] ~ ll /sbin/ipfw -r-xr-xr-x 1 root wheel 482184 2 Nov 23:07 /sbin/ipfw [EMAIL PROTECTED] ~ uname -a FreeBSD aklemm.klemm.apsfilter.org 5.1-CURRENT FreeBSD 5.1-CURRENT #0: Sun Nov 2 23:55:37 CET 2003 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/AKLEMM i386 Because rule 100 isn't working for unknown reason on titan, I get DNS and connect problem with a local NNTP server, since the traffic pattern "from any to any via lo0" is needed, but doesn't work. But I really have no idea, whats that causing... Andreas /// -- Andreas Klemm - Powered by FreeBSD 5.1-CURRENT Need a magic printfilter today ? -> http://www.apsfilter.org/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: suddenly bind and access to NNTP server (localhost) doesn't work
On Mon, Nov 03, 2003 at 01:47:06PM +0100, Andreas Klemm wrote: > Since about 2 days I can't make dns queries via local nameserver. > To get dns requests I need to add my forwarders in /etc/resolv.conf. I've noticed this before (on FreeBSD 4.8), then realized my ISP was blocking 53/TCP. Regards, -- wca ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "[EMAIL PROTECTED]"