Re: Redirected dns packets rejected

• Next message: Marcelo Tosatti: "Re: Kernel 2.2.14 OOM killer strikes."
• Previous message: Graydon: "Re: Difficulties with DHCP and 3c90x network cards"
• In reply to: Dale Amon: "Redirected dns packets rejected"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <Pine.LNX.3.96.1000705160212.9891G-100000@angusbay.vnl.com> you writ
e:
> As you can see, the dns request goes out from port 1435 to
> a real DNS server; but the reply comes back to that port
> from the cache serving on the firewall via it's internal
> REDIRECT. The linux workstation then seems to reject it.

Yep: this is correct. Without general connection tracking, there's no
way to map the `reply' packet back. You can use the
`bind-to-foreign-address' hack (if DNS proxy running as root) to
explicitly bind the UDP socket to the desired source address/port.

Hope that helps,
Rusty.

--
Hacking time.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Marcelo Tosatti: "Re: Kernel 2.2.14 OOM killer strikes."
• Previous message: Graydon: "Re: Difficulties with DHCP and 3c90x network cards"
• In reply to: Dale Amon: "Redirected dns packets rejected"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Jul 07 2000 - 21:00:20 EST