[7.385] DNS Requests dropped by Default Rule

Hi,

since i did the update this morning all DNS requests are dropped by the deafult pf rule.

What can i do? Do you need login or logs?

regards, mario

0 quasar3c279 over 16 years ago in reply to quasar3c279
i found something in /tmp/mdwdebug.log:

iptables-restore v1.3.5: host/network `' not found
Error occurred at line: 12
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
12: -A AUTO_OUTPUT -d /255.255.255.255 -p tcp --sport 1:65535 --dport 443 -j CONFIRMED

the ip is missing, thus the iptables-restore doesn't work. maybe a wrong initialized variable? maybe it has something to do with site-2-site ssl because of the destination port.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 d12fk over 16 years ago in reply to quasar3c279

Well observed! This is probably caused by a bug in the code that sets packet filter rules for SSL site-to-site VPN client connections. That bug is fixed already but the fix is not released, yet.

You can try if things work out for you after you disabled all SSL site-to-site client connections. If so, you may want to override the server address at the client connection settings dialog using an IP address. The bug is triggered when DNS hostnames come into play.

The final fix will come with the next beta.

Sorry for the inconvenience.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel