My LAN user can not surfing in internet before I restart my SuSEfirewall2
Dear my friends.... I am using SuSE Linux 8.1 for our internet gateway. I installed Squid, SuSEfirewall2 and ip-masquerading on the Linux-Box. It runs properly after a couple of hours in one day but than my LAN user can not surfing in internet anymore. If the problem comes, my LAN user still can use e-mail through IP-Masquerading but not http. If the problem comes than I have to restart the SuSEfirewall2 with: " SuSEfirewall2 stop SuSEfirewall2 start " After restarting the SuSEfirewall2 than my LAN user can surfing in internet back (again). If I restart my SuSEfirewall I got this error message: " proxy:~ # SuSEfirewall2 stop Removing filter rules ... SuSEfirewall2: clearing rules now ... done proxy:~ # SuSEfirewall2 start Warning: FW_SERVICE_DNS defined, but no DNS server found running! proxy:~ # " Here is my "/var/log/messages": " patrixlinux@patrix:~/arsip> tail -n 60 ./fromproxy Feb 27 13:14:17 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247 ID=38389 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:14:17 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35450 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:23 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247 ID=38390 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:14:23 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35451 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:24 proxy squid[8941]: idnsCheckQueue: ID 5c4: giving up after 35 tr ies and 310.0 seconds Feb 27 13:14:24 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00 TTL=247 ID=38391 DF PROTO =UDP SPT=53 DPT=1096 LEN=76 Feb 27 13:14:24 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=246 ID=35452 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:14:28 proxy squid[8941]: idnsCheckQueue: ID 5c5: giving up after 34 tr ies and 302.7 seconds Feb 27 13:14:28 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38392 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=173 TOS= 0x00 PREC=0x00 TTL=64 ID=61439 DF PROTO=UDP SPT=631 DPT=631 LEN=153 Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=173 TOS= 0x00 PREC=0x00 TTL=64 ID=61440 DF PROTO=UDP SPT=631 DPT=631 LEN=153 Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=171 TOS= 0x00 PREC=0x00 TTL=64 ID=61441 DF PROTO=UDP SPT=631 DPT=631 LEN=151 Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=174 TOS= 0x00 PREC=0x00 TTL=64 ID=61442 DF PROTO=UDP SPT=631 DPT=631 LEN=154 Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38393 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:33 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00 TTL=246 ID=35453 DF PROTO =UDP SPT=53 DPT=1096 LEN=76 Feb 27 13:14:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247 ID=38394 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:14:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35454 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:40 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35455 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:44 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00 TTL=247 ID=38395 DF PROTO =UDP SPT=53 DPT=1096 LEN=76 Feb 27 13:14:44 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=246 ID=35456 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:14:46 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38396 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:47 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=174 TOS= 0x00 PREC=0x00 TTL=64 ID=61555 DF PROTO=UDP SPT=631 DPT=631 LEN=154 Feb 27 13:14:51 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38397 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:51 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=96 TOS=0x00 PREC=0x00 TTL=246 ID=35457 DF PROTO =UDP SPT=53 DPT=1096 LEN=76 Feb 27 13:14:54 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247 ID=38398 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:14:54 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35458 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:14:56 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35459 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:01 proxy squid[8941]: idnsCheckQueue: ID 5c6: giving up after 33 tr ies and 301.9 seconds Feb 27 13:15:01 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=246 ID=35460 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=173 TOS= 0x00 PREC=0x00 TTL=64 ID=61623 DF PROTO=UDP SPT=631 DPT=631 LEN=153 Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=173 TOS= 0x00 PREC=0x00 TTL=64 ID=61624 DF PROTO=UDP SPT=631 DPT=631 LEN=153 Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=171 TOS= 0x00 PREC=0x00 TTL=64 ID=61625 DF PROTO=UDP SPT=631 DPT=631 LEN=151 Feb 27 13:15:04 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=174 TOS= 0x00 PREC=0x00 TTL=64 ID=61626 DF PROTO=UDP SPT=631 DPT=631 LEN=154 Feb 27 13:15:05 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=217. 225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=13525 DF PROT O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN URGP=0 OPT (020405840402080A00 5A2CC70000000001030300) Feb 27 13:15:05 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38399 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:07 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38400 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:08 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=217. 225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=13724 DF PROT O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN URGP=0 OPT (020405840402080A00 5A2DF30000000001030300) Feb 27 13:15:11 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247 ID=38401 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:15:11 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35461 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:11 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35462 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:14 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=217. 225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=14050 DF PROT O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN URGP=0 OPT (020405840402080A00 5A304B0000000001030300) Feb 27 13:15:17 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=246 ID=35463 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:15:18 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=174 TOS= 0x00 PREC=0x00 TTL=64 ID=61697 DF PROTO=UDP SPT=631 DPT=631 LEN=154 Feb 27 13:15:21 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38402 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:21 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38403 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:26 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=217. 225.240.146 DST=145.254.88.223 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=14661 DF PROT O=TCP SPT=2539 DPT=4662 WINDOW=15972 RES=0x00 SYN URGP=0 OPT (020405840402080A00 5A34FB0000000001030300) Feb 27 13:15:28 proxy squid[8941]: idnsCheckQueue: ID 5c7: giving up after 34 tr ies and 303.1 seconds Feb 27 13:15:28 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247 ID=38404 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:15:28 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35464 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:31 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=195. 202.35.106 DST=145.254.88.223 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=4772 DF PROTO =TCP SPT=2896 DPT=4662 WINDOW=16384 RES=0x00 SYN URGP=0 OPT (0204058601010402) Feb 27 13:15:34 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=246 ID=35465 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:15:34 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=195. 202.35.106 DST=145.254.88.223 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=4891 DF PROTO =TCP SPT=2896 DPT=4662 WINDOW=16384 RES=0x00 SYN URGP=0 OPT (0204058601010402) Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=173 TOS= 0x00 PREC=0x00 TTL=64 ID=61792 DF PROTO=UDP SPT=631 DPT=631 LEN=153 Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=173 TOS= 0x00 PREC=0x00 TTL=64 ID=61793 DF PROTO=UDP SPT=631 DPT=631 LEN=153 Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=171 TOS= 0x00 PREC=0x00 TTL=64 ID=61794 DF PROTO=UDP SPT=631 DPT=631 LEN=151 Feb 27 13:15:35 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=eth0 OUT= MAC=ff:ff:ff:f f:ff:ff:00:50:bf:77:77:f8:08:00 SRC=192.168.23.238 DST=192.168.23.0 LEN=174 TOS= 0x00 PREC=0x00 TTL=64 ID=61795 DF PROTO=UDP SPT=631 DPT=631 LEN=154 Feb 27 13:15:39 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=247 ID=38405 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 Feb 27 13:15:40 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=195. 202.35.106 DST=145.254.88.223 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=5137 DF PROTO =TCP SPT=2896 DPT=4662 WINDOW=16384 RES=0x00 SYN URGP=0 OPT (0204058601010402) Feb 27 13:15:45 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.196 DST=145.254.88.223 LEN=117 TOS=0x00 PREC=0x00 TTL=247 ID=38406 DF PROT O=UDP SPT=53 DPT=1096 LEN=97 Feb 27 13:15:45 proxy kernel: SuSE-FW-ILLEGAL-TARGET IN=ippp0 OUT= MAC= SRC=145. 253.2.139 DST=145.254.88.223 LEN=301 TOS=0x00 PREC=0x00 TTL=246 ID=35466 DF PROT O=UDP SPT=53 DPT=1096 LEN=281 patrixlinux@patrix:~/arsip> " Please help me to solve this problem. I still can not understand. Should I allow "145.254.88.223"? How? Thank you very much in advance. __________________________________________________ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/
----- Original Message -----
From: "Prabu Subroto"
Dear my friends....
I am using SuSE Linux 8.1 for our internet gateway. I installed Squid, SuSEfirewall2 and ip-masquerading on the Linux-Box.
<snip> Have you got two network cards on the pc with the forewall? __________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
No, only one NIC. The NIC is facing the internal LAN
and another interface is only ISDN card.
What is my mistake? Please tell me. I'm stucked now...
--- Linux World 999
----- Original Message ----- From: "Prabu Subroto"
To: Sent: Friday, February 28, 2003 12:52 PM Subject: [SLE] My LAN user can not surfing in internet before I restart my SuSEfirewall2 Dear my friends....
I am using SuSE Linux 8.1 for our internet gateway. I installed Squid, SuSEfirewall2 and ip-masquerading on the Linux-Box.
<snip>
Have you got two network cards on the pc with the forewall?
__________________________________________________ Do You Yahoo!? Everything you'll ever need on one web page from News and Sport to Email and Music Charts http://uk.my.yahoo.com
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
__________________________________________________ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/
On 02/28/2003 09:33 PM, Prabu Subroto wrote:
No, only one NIC. The NIC is facing the internal LAN and another interface is only ISDN card.
What is my mistake? Please tell me. I'm stucked now...
You have your firewall setup (etc/sysconfig/SuSEfirewall2) set yes for running a DNS server on your box. Are you running a dns server? If not, set this to no. If yes, then maybe it is your DNS server that is crashing, or perhaps it is a caching server, and your ISPs name servers are having problems. HTH. -- Joe Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://www.mydestiny.net/~joe_morris Registered Linux user 231871 God said, I AM that I AM. I say, by the grace of God, I am what I am.
On Sat, Mar 01, 2003 at 09:52:18AM +0800, Joe Morris (NTM) wrote: : On 02/28/2003 09:33 PM, Prabu Subroto wrote: : : >No, only one NIC. The NIC is facing the internal LAN : >and another interface is only ISDN card. : > : >What is my mistake? Please tell me. I'm stucked now... : > : > : You have your firewall setup (etc/sysconfig/SuSEfirewall2) set yes for : running a DNS server on your box. Are you running a dns server? If : not, set this to no. If yes, then maybe it is your DNS server that is : crashing, or perhaps it is a caching server, and your ISPs name servers : are having problems. HTH. I believe that the problem may be that SuSEfirewall2 by default will first be brought up at rc2. This presents a chicken-egg problem since named isn't started until rc3. Thus, when SuSEfirewall2 is initially started, named isn't running, and the appropriate rules for FW_SERVICE_DNS aren't activated. The only solution I've found for this is to restart SuSEfirewall2 after the box is up. I believe that this was discussed a few months back on the list, but I don't recall there ever being an "official" resolution to the issue. --Jerry Open-Source software isn't a matter of life or death... ...It's much more important than that!
participants (4)
-
Jerry A!
-
Joe Morris (NTM)
-
Linux World 999
-
Prabu Subroto