Re: Configuring Diald on gateway
- To: "zoqix" <http://www.yahoo.com/~zoqix>
- Subject: Re: Configuring Diald on gateway
- From: http://dummy.us.eu.org/robert (robert)
- Date: Sat, 9 Nov 2002 01:37:13 -0500
- In-Reply-To: <004c01c04860$277ae680$6688a8c0@krdl.org.sg>
- Keywords: http://www.yahoo.com/~zoqix
> From: "zoqix" <http://www.yahoo.com/~zoqix>
> Date: Tue, 7 Nov 2000 10:12:17 +0800
>
> > > How do I resolve that then? (my client tried to get a dhcp lease or ftp
> > > using ip address to my server, my server activates the link)
> >
> > OK, then probably something else is wrong.
> >
> > 1) Is your Linux host trying to do reverse lookups? The way to see this
> > is to run "tcpdump" and look for both TCP & UDP traffic with port 53.
>
> I'm not sure whether it's reverse-lookup but link is activated by UDP
> traffic with port 53.
> Activated by the filter udp.dest=udp.domain.
> By the way, I'm using diald version 0.99-4 but I don't think it makes any
> difference because the setup is the same :)
Try doing "tcpdump -i eth0 -s 8192 -w - udp port 53 | strings" while you
do the connect. You should be able to see the address it's trying to look
up.
> > 2) Are you running IP masquerading?
>
> Yes, I'm running IP masquerading.
>
> > > Later, if I intend to add in local dns, won't that be
> > > even more problematic?
> >
> > I run dnrd, Domain Name Relay Daemon, and it works like a charm. (It's
> > not a real DNS server, 'though.)
>
> I'm running named
Do you have any forwards in your named.conf?
> with dhcp-ddns and it keeps activating my link.
Also, how is routing set up? (Do "route -n".)
Also, where did you get your IP masquerading rules from? I assume you are
using ipchains.
> I think it's because it tries to update my local dns with external ones.
Unless you have forwarding set up, I doubt it.
What does your /etc/host.conf look like?
> Do you know any way to set the refresh mode of this off? This may not solve
> the whole problem of my diald. But it solves at least one.
>
> >
> > > -----Original Message-----
> > > From: robert <http://dummy.us.eu.org/robert>
> > > To: zoqix <http://www.yahoo.com/~zoqix>
> > > Date: Friday, November 03, 2000 10:34 PM
> > > Subject: Re: Configuring Diald on gateway
> > >
> > > > > From: "zoqix" <http://www.yahoo.com/~zoqix>
> > > > > Date: Fri, 3 Nov 2000 07:40:35 +0800
> > > > >
> > > > > Hi Robert,
> > > > >
> > > > > > I know what went wrong now. Because I cut and pasted your standard filter
> > > > > > from WinWord, it ended up as an invalid file for Linux.
> > > > > > I've solved that and tried out your standard.filter on my system. However,
> > > > > > there's still the same problem. When my client tried to get a dhcp lease or
> > > > > > ftp to my server, my server activates the link.
> > > > > >
> > > > > > Even if I do a "ftp 192.168.5.1" from my client (192.168.5.2). Has it got
> > > > > > something to do with dns lookups?
> > > >
> > > >I suspect so.
> > > >
> > > > > But I'm using ip addr here, not name.
> > > >
> > > >It doesn't matter.
> > > >
> > > > > How
> > > > > do I resolve that?
> > > >
> > > >Did you feed in the .reg file that I sent?
> > > >
> > > > >
> > > > > > And what if later I want to use something like "ftp pc1" (pc1 is the
> > > > > > server), do I have to edit the filter to take into account dns lookup at
> > > > > > local network?
> > > >
> > > >No. It shouldn't matter.
> > > >
> > > > >
> > > > > > May I know what is the meaning of the following statements?
> > > > > >
> > > > > > ignore udp udp.dest=udp.domain,udp.source=udp.domain
> > > > > accept udp 90 udp.dest=udp.domain
> > > > > ignore udp udp.source=udp.domain
> > > >
> > > > >This says to bring up the line for a DNS lookup, unless either both the
> > > > >source is a domain lookup (i.e., a zone transfer is happening, although
> > > > >most zone transfers happen via TCP, not UDP).
> > > >