
Re: URGENT - Bind broken by potato-> woody



Jor-el wrote:

> On Tue, 18 Dec 2001, john wrote:
>
> >
> > Chain POSTROUTING (policy ACCEPT)
> > target     prot opt source               destination
> > SNAT       all  --  192.168.0.0/24       0.0.0.0/0
> > to:202.92.79.119
> > SNAT       all  --  192.168.2.0/24       0.0.0.0/0
> > to:202.92.79.119
> >
> >

<snip>

>

> John,
>
>         This wouldn't have anything to do with the fact that your firewall
> rules are for 202.92.79.119 whereas the DNS server is at 202.92.79.116,
> would it?
>
> Regards,
> Jor-el
>

Those rules allow machines in the LAN to appear to the Internet as 119 - they
are the SNAT source addresses.
So when 192.168.0.3 talks to 202.92.79.116 it appears to 202.92.79.116 as being
from 202.92.79.119.

I can ssh to 202.92.79.116, so that rule shouldn't be blocking DNS lookups.
And the secondary DNS (the one that's still potato) can resolve addresses OK.

But good try anyway...

I'm still trying to make some sense of this - the problem really has to be on
THIS box, as nothing else has changed.

John P Foster
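
An added illustration of the SNAT behaviour discussed in the message above (not code from the thread or its participants): it parses the quoted POSTROUTING listing, tolerating a `to:` target that sits on its own line, and reports the source address a packet carries after translation. The function names are hypothetical, and the parser assumes a single-address `to:` target and ignores the protocol column, since every rule in the listing is `all`.

```python
import ipaddress
import re

# Listing in the form quoted in the thread: each "to:" target is on its own line.
LISTING = """\
Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
SNAT       all  --  192.168.0.0/24       0.0.0.0/0
to:202.92.79.119
SNAT       all  --  192.168.2.0/24       0.0.0.0/0
to:202.92.79.119
"""

# target, prot, opt, source, destination, and an optional same-line "to:" target
RULE = re.compile(r"^SNAT\s+(\S+)\s+\S+\s+(\S+)\s+(\S+)(?:\s+to:(\S+))?$")

def parse_snat_rules(listing):
    """Return (proto, src_net, dst_net, to_addr) tuples from the listing."""
    rules, pending = [], None
    for line in listing.splitlines():
        line = line.strip()
        m = RULE.match(line)
        if m:
            proto, src, dst, to = m.groups()
            rule = [proto, ipaddress.ip_network(src), ipaddress.ip_network(dst), to]
            rules.append(rule)
            pending = rule if to is None else None  # wait for a wrapped "to:" line
        elif line.startswith("to:") and pending is not None:
            pending[3] = line[3:]
            pending = None
    return [tuple(r) for r in rules]

def translated_source(rules, src, dst):
    """Source address after POSTROUTING: the first matching SNAT rule rewrites it;
    with no match the packet leaves unchanged. SNAT never drops a packet."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _proto, src_net, dst_net, to in rules:
        if to and s in src_net and d in dst_net:
            return to
    return src

if __name__ == "__main__":
    rules = parse_snat_rules(LISTING)
    # The case from the message: a LAN host talking to the DNS server address.
    print(translated_source(rules, "192.168.0.3", "202.92.79.116"))
```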



