>>> I have a small network at home with gateway/router, server and
>>> desktop. On all boxes run Debian GNU/Linux Etch.
>>> So far this network works but today I can't access the internet from
>>> server nor desktop, but only from gateway/router.
>>> I can to access gateway/router from desktop and from server throught
>>> SSH.
>>> I can't ping from server nor from desktop the internet, say
>>> www.google.com.
When DNS is broken, `ping` by name becomes a useless diagnostic tool; not only
will it not shed any useful light on what's going on, it won't work at all. Its
failure tells you nothing more than that DNS is broken. Only `ping` by IP
Address may be meaningful when DNS is broken.
> I can't nslookup only behind the firewall, from LAN, from desktop
> machine, even I do "shorewall clear".
If you can recreate a problem after `shorewall clear`, you can be _sure_ it has
nothing to do with Shorewall. (Debugging can be quite confusing though if
there's a _second_ problem that involves Shorewall and you forget to do
`shorewall clear` after every firewall restart while resolving the _first_
problem.)
> ... . I don't understand that that how can to be that on LAN DNS
> suddenly don't works? I have not changed the setup of anything
> related to the network recently.
Although _you_ didn't change (are you really sure?), maybe _the_net_ did. Don't
assume that the rest of the world didn't change just because you didn't.
Specifically, it's likely the DNS server your systems used to get their
information from isn't responding any more, possibly because it's been turned
off or possibly because its IP Address changed or possibly because its owner
has figured out how to shut down unauthorized use or possibly because of some
"security fix".
Are you using the DNS servers provided by your ISP? If so, look for recent
announcements from your ISP related to name service. If you can't find any,
call your ISP and ask for help.
> I can nslookup from the firewall even if the shorewall is running.
Then look at /etc/resolv.conf on both the firewall (where it works) and on a
client system (where it doesn't work). They'll be different, and the entries in
/etc/resolv.conf on the client system aren't any good any more. Copy the values
from the /etc/resolv.conf on the firewall into the client /etc/resolve.conf
over top of what's there. Most likely things will start to work.
thanks!
-Chuck Kollars
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
