[Dnsmasq-discuss] dns query from localnetwork are blocked
samuel.lethiec at intelunix.fr
samuel.lethiec at intelunix.fr
Fri Jan 2 07:21:38 GMT 2015
On 2015-01-02 02:42, T o n g wrote:
> On Thu, 01 Jan 2015 23:10:42 +0100,
> samuel.lethiec-YHh4hrT2YEVlDBTeMj46bQ
> wrote:
>
>>> Now, I've run out of all the possibilities.
>>> What could be the problem?
>>
>> iptables-save is usually the recommended way to show your ruleset.
>
> $ iptables-save | wc
> 0 0 0
Could you run the same command with sudo?
>
>> Also, could you show the result of:
>>
>> sudo ss -o state listening -utp 'sport = :domain'
>
> $ sudo ss -o state listening -utp 'sport = :domain'
> Netid Recv-Q Send-Q Local Address:Port Peer
> Address:Port
> tcp 0 5 127.0.0.1:domain
> *:* users:(("dnsmasq",pid=1570,fd=11))
> tcp 0 5 192.168.2.100:domain
> *:* users:(("dnsmasq",pid=1570,fd=9))
> tcp 0 5 192.168.2.101:domain
> *:* users:(("dnsmasq",pid=1570,fd=7))
> tcp 0
> 5 ::1:domain :::*
> users:
> (("dnsmasq",pid=1570,fd=15))
> tcp 0 5 fe80::216:76ff:fedc:8482%
> eth0:domain :::* users:
> (("dnsmasq",pid=1570,fd=13))
>
This looks fine and if your firewall ruleset is indeed empty, you'd
need to sniff network(e.g. with tcpdump) on the server to see whether
dns requests really reach it or not.
> Thanks
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
More information about the Dnsmasq-discuss
mailing list