From: Gordon R. <ru...@cl...> - 2005-03-24 15:07:53

Scott wrote:
> Hello,
>
> I am new to devil linux and have been moving forward quite nicely with it. I
> am trying to move our redhat firewall to devil. The last problem is now that
> my internal clients to the firewall can't resolve external names. They can get
> to external IPs no problem. The firewall can resolve external names though.
> So, I am not sure what the problem is. I have been RTFM'ing for a day and can't
> seem to find anything that is pointing to the problem; any help would be
> greatly appreciated. Another question: should the routing work without
> iptables working first? Shouldn't internal clients be able to reach external
> sites first without iptables running?
>
>

What's going on with your iptables rules?

I gather that:
1) you are masqing your internal net to a single eth0 IP address?
2) your DNS servers are external?
3) you can ping/traceroute your DNS servers from internal clients?
4) your clients' DNS settings are correct?

Are you able to flush any/all iptables rules & set default IN/OUT/FORWARD
rules to ACCEPT, and still can't hit DNS servers on UDP port 53 from internal
clients?

Look hard at the output from iptables-save for rules (and rule order) that may
be stopping forwarding of UDP/53.

gordon
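
One way to do the iptables-save check suggested above, as an added example that is not part of the original message: the function walks the filter table's FORWARD chain in rule order and reports the first rule, or the chain policy, that would decide a new UDP/53 packet. The ruleset and function names are constructed for illustration; the check looks only at protocol, destination port and connection state, ignores interface and address matches, and does not follow jumps into user-defined chains.

```shell
# Constructed sample of iptables-save output (not from the original post).
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -i eth1 -p udp -m udp --dport 123 -j ACCEPT
-A FORWARD -i eth1 -p icmp -j ACCEPT
COMMIT
EOF
}

# Hypothetical helper: reads iptables-save text on stdin and prints the first
# FORWARD verdict that can apply to a NEW packet with protocol udp, dport 53.
udp53_forward_verdict() {
  awk '
    /^\*/ { table = substr($1, 2) }          # "*filter", "*nat", ...
    table != "filter" { next }               # only the filter table forwards/drops
    $1 == ":FORWARD" { policy = $2 }         # chain default policy
    $1 == "-A" && $2 == "FORWARD" && !done {
      proto = "all"; dport = ""; state = ""; target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-p") proto = $(i+1)
        if ($i == "--dport" || $i == "--dports") dport = $(i+1)
        if ($i == "--state" || $i == "--ctstate") state = $(i+1)
        if ($i == "-j") target = $(i+1)
      }
      if (proto != "all" && proto != "udp") next      # wrong protocol
      if (state != "" && state !~ /NEW/) next         # first packet is NEW
      if (dport != "" && !port_hit(dport)) next       # port list/range lacks 53
      if (target == "ACCEPT" || target == "DROP" || target == "REJECT") {
        print target ": " $0; done = 1
      }
    }
    END { if (!done) print policy ": FORWARD chain policy" }
    function port_hit(spec,   n, parts, r, k) {
      n = split(spec, parts, ",")
      for (k = 1; k <= n; k++) {
        if (split(parts[k], r, ":") == 2) { if (r[1]+0 <= 53 && 53 <= r[2]+0) return 1 }
        else if (parts[k]+0 == 53) return 1
      }
      return 0
    }
  '
}

sample_rules | udp53_forward_verdict
```

On a live firewall the same function can be fed with `iptables-save | udp53_forward_verdict`; a DROP or REJECT result names the rule or policy to look at first.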