[Firewall] Self-connect possible?

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Thu Mar 18 18:05:20 CET 2010


You can also use the DNAT plugin to fix this....

a.

Rance Hall wrote:
> On Wed, Mar 17, 2010 at 7:06 PM, Roland Haeder <r.haeder at gmx.de> wrote:
>> This looks also okay to me:
>> ---------------------------------
>> Mar 18 01:05:51 firebox dnsmasq[15463]:
>> reading /var/run/dnsmasq/resolv.conf
>> Mar 18 01:05:51 firebox dnsmasq[15463]: using nameserver
>> 195.50.140.246#53
>> Mar 18 01:05:51 firebox dnsmasq[15463]: using nameserver
>> 195.50.140.178#53
>> ---------------------------------
>> Roland
> 
> 
> 
> this may be the problem, and it may not.
> 
> What I do:
> 
> On the box that runs dnsmasq create a /etc/resolv.conf file that
> points to a nameserver of 192.168.0.1  which it appears you did.
> 
> Then create another file called /etc/resolv.conf.dnsmasq that looks
> just like a resolv.conf file but the nameserver points to your public
> ISP nameservers as above.
> 
> edit the dnsmasq config file to use the alternate resolv file of
> /etc/resolv.conf.dnsmasq.
> 
> this way all your hosts on the network resolv names the exact same way.
> 
> this setup fixes a whole host of problems.
> 
> PS, probably want to take this to the dnsmasq list if you still need
> help.  We've gone way past the firewall list rules at this point.
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl
> 

-- 
Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
---------------------------------------------------------------------------
Arno's (Linux IPTABLES Firewall) Homepage:
http://rocky.eld.leidenuniv.nl


More information about the Firewall mailing list