[Firewall] Self-connect possible?

Rance Hall ranceh at gmail.com
Thu Mar 18 01:11:57 CET 2010


On Wed, Mar 17, 2010 at 7:06 PM, Roland Haeder <r.haeder at gmx.de> wrote:
> This looks also okay to me:
> ---------------------------------
> Mar 18 01:05:51 firebox dnsmasq[15463]:
> reading /var/run/dnsmasq/resolv.conf
> Mar 18 01:05:51 firebox dnsmasq[15463]: using nameserver
> 195.50.140.246#53
> Mar 18 01:05:51 firebox dnsmasq[15463]: using nameserver
> 195.50.140.178#53
> ---------------------------------
> Roland



This may be the problem, and it may not.

What I do:

On the box that runs dnsmasq, create a /etc/resolv.conf file that
points to a nameserver of 192.168.0.1, which it appears you did.

Then create another file called /etc/resolv.conf.dnsmasq that looks
just like a resolv.conf file but the nameserver points to your public
ISP nameservers as above.

Edit the dnsmasq config file to use the alternate resolv file of
/etc/resolv.conf.dnsmasq.

This way all your hosts on the network resolve names the exact same way.

This setup fixes a whole host of problems.

PS, probably want to take this to the dnsmasq list if you still need
help.  We've gone way past the firewall list rules at this point.
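
A check for the layout described in the message above, as an added example that is not part of the original post: it confirms that the host's resolv.conf points at dnsmasq, that dnsmasq reads its upstreams from a separate file via its `resolv-file=` option, and that no upstream points back at dnsmasq itself. The function names and the ROOT prefix argument (used to test against a scratch directory) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.

# Print the nameserver addresses listed in a resolv.conf-style file.
nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Print the value of the last resolv-file= line in a dnsmasq config file.
resolv_file_of() {
    awk -F= '$1 == "resolv-file" { v = $2 } END { if (v != "") print v }' "$1"
}

# check_split_dns HOST_RESOLV DNSMASQ_CONF LOCAL_ADDR [ROOT]
# ROOT (assumption of this example) is prepended to the resolv-file path so
# the check can run against a scratch copy of /etc.
check_split_dns() {
    host_resolv=$1 conf=$2 local_addr=$3 root=${4:-}
    [ -r "$host_resolv" ] || { echo "missing $host_resolv"; return 1; }
    [ -r "$conf" ] || { echo "missing $conf"; return 1; }

    # 1. The box itself must ask dnsmasq, like every other host on the LAN.
    nameservers "$host_resolv" | grep -qxF "$local_addr" ||
        { echo "$host_resolv does not point at $local_addr"; return 2; }

    # 2. dnsmasq must read its upstream servers from a separate file.
    upstream=$(resolv_file_of "$conf")
    [ -n "$upstream" ] || { echo "no resolv-file= in $conf"; return 3; }
    [ -r "$root$upstream" ] || { echo "cannot read $root$upstream"; return 4; }

    # 3. That file needs at least one server, and none may be dnsmasq itself
    #    (loopback addresses are treated as dnsmasq here, an assumption).
    ups=$(nameservers "$root$upstream")
    [ -n "$ups" ] || { echo "no nameserver in $upstream"; return 5; }
    for ns in $ups; do
        case $ns in
            "$local_addr"|127.*|::1)
                echo "upstream $ns loops back to dnsmasq"; return 6 ;;
        esac
    done
    echo "ok: $local_addr -> dnsmasq -> $(echo $ups | tr ' ' ',')"
}
```

On the live box the call would be `check_split_dns /etc/resolv.conf /etc/dnsmasq.conf 192.168.0.1`, with the dnsmasq config path adjusted to wherever the distribution keeps it.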

