Re: [Devil-Linux-discuss] Internal Clients can't resolve names

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Scott wrote:
> Hello,
> 
> I am new to devil linux and have been moving forward quite nicely with it. I
> am trying to move our redhat firewall to devil. The last problem is now that
> my internal clients to the firewall can't resolve external names. They can get
> to external IPs no problem. The firewall, can resolve external names though.
> So, I am not sure what the problem is. I have been RTFM'ing for a day can't
> seem to find anything that is pointing to the problem, any help would be
> greatly appreciated. Another question: should the routing work without
> iptables working first. Shouldn't internal clients be able to reach external
> sites first without a iptables running?
> 
> 

whats going on w/ your iptables rules?

I gather that:
1) you are masqing your internal net to a single eth0 ip address?
2) your DNS servers are external?
3) you can ping/traceroute your DNS servers from internal clients?
4) your clients DNS settings are correct?

Are you able to flush any/all iptables rules & set default 
IN/OUT/FORWARD rules to ACCEPT, and still cant hit DNS servers UDP on 
port 53 from internal clients?

look hard at output from iptables-save for rules (and rule order) that 
may be stopping forward of UDP/53

gordon