On 31 Aug 2003, Bret Hughes wrote:

> On Sun, 2003-08-31 at 14:56, Benjamin J. Weiss wrote:
> > All,
> >
> > I'm setting up a name server for work. I've gone into the
> > redhat-config-bind tool, and I think I have all of the zones configured
> > correctly. I was able to add the service with chkconfig, and I was able to
> > start the named service with /etc/init.d/named start. I allowed port 53,
> > both tcp and udp through the firewall, with the following two iptables
> > rules:
> >
> > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 53 --syn -j ACCEPT
> > -A RH-Lokkit-0-50-INPUT -p udp -m udp --sport 53 -j ACCEPT
> >
> > and restarted iptables.
> >
> > I still couldn't get anything from dig, so I tried a netstat -tap | grep
> > named:
> >
> > tcp        0      0 orion.osbi.state:domain *:*       LISTEN      21389/named
> > tcp        0      0 localhost:domain        *:*       LISTEN      21389/named
> > tcp        0      0 localhost:rndc          *:*       LISTEN      21389/named
> >
> >
> > Note that orion.osbi.state.ok.us is the name of the machine. This seems to
> > show that the named daemon is only listening to itself for dns queries,
> > correct?
> >
>
> Not sure about this. I believe that the external ip address is getting
> resolved to the machine name. Try:
> netstat -tapn | grep named
>
> it should show the ipaddress of the interface
>
> Bret
>
Okay:

[EMAIL PROTECTED] root]# netstat -tapn | grep named
tcp        0      0 204.87.126.145:53       0.0.0.0:*       LISTEN      21389/named
tcp        0      0 127.0.0.1:53            0.0.0.0:*       LISTEN      21389/named
tcp        0      0 127.0.0.1:953           0.0.0.0:*       LISTEN      21389/named

And I can still do a dig from the machine, but not from any external
machine. I know the port is open (I've done an nmap from home).

I did a netstat -tapn | grep httpd, and it shows that the ip address should
be 0.0.0.0 instead of the local ip address....

Ben

--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
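
The two iptables rules quoted in the thread match different port fields: the TCP rule uses `--dport 53`, the UDP rule uses `--sport 53`. As an added example (not part of the original thread), this Python script parses `-A` rule lines and reports, per protocol, whether an ACCEPT rule matches packets addressed to port 53 or only packets coming from port 53. The function names are hypothetical, and service-name ports, negation and multiport matches are assumed absent.

```python
import shlex

# The two rules exactly as quoted in the thread.
THREAD_RULES = """\
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 53 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --sport 53 -j ACCEPT
"""

FLAGS = {"-p": "proto", "-j": "target",
         "--sport": "sport", "--source-port": "sport",
         "--dport": "dport", "--destination-port": "dport"}

def parse_rule(line):
    """Pull protocol, port matches and target out of one '-A' rule line."""
    tokens = shlex.split(line)
    rule = dict.fromkeys(FLAGS.values())
    for flag, value in zip(tokens, tokens[1:]):
        if flag in FLAGS:
            rule[FLAGS[flag]] = value
    return rule

def port_matches(spec, port):
    """True if an iptables port spec ('53', '0:1023', '1024:') covers port."""
    if not spec:
        return False
    lo, sep, hi = spec.partition(":")
    try:
        low = int(lo) if lo else 0
        high = int(hi) if hi else (65535 if sep else low)
    except ValueError:          # service names, '!' negation: not handled here
        return False
    return low <= port <= high

def audit_dns_ingress(rules_text, port=53):
    """Classify, per protocol, what the ACCEPT rules let in for `port`."""
    status = {"tcp": "no-rule", "udp": "no-rule"}
    for line in rules_text.splitlines():
        rule = parse_rule(line) if line.startswith("-A") else None
        if not rule or rule["target"] != "ACCEPT" or rule["proto"] not in status:
            continue
        if port_matches(rule["dport"], port):
            # Destination port matches: queries sent to this server are accepted.
            status[rule["proto"]] = "accepts-queries"
        elif port_matches(rule["sport"], port) and status[rule["proto"]] == "no-rule":
            # Source port matches: only packets coming FROM port 53 elsewhere,
            # i.e. answers to this host's own lookups.
            status[rule["proto"]] = "replies-only"
    return status

if __name__ == "__main__":
    for proto, verdict in audit_dns_ingress(THREAD_RULES).items():
        print(f"{proto}/53: {verdict}")
```

dig sends its queries over UDP by default, while a TCP connect or SYN scan exercises only the TCP rule.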