[7.891][NOTABUG][CLOSED] DNS only proxies one network

Yesterday, I looked at utm_kid's box becase he was having troubles trying to surf from his W2K8 server in his DMZ. I watched both his HTTP and Packet Filter live logs while he attempted access, and there was no indication inn the HTTP Live Log of traffic from his server. In the PF Live Log, there were drops to both DNS Forwarders listed in the DNS Proxy:

19:10:29 Default DROP UDP 192.168.DMZ.225 : 55772 → 202.54.29.5 : 53 len=50 ttl=127 tos=0x00 srcmac=0:1c:c0:aa:21:8c dstmac=0:50:ba:89:a1:58

There were plenty of lines in the HTTP Live Log from his laptop in "Internal (Network)."

Finally, to work around the DNS bug, I made a packet filter rule

'DMZ (Network) → DNS → {Forwarders group} : Allow'

That allowed the DNS traffic, and the server could then access the Internet.

Cheers - Bob

Parents

0 kbr over 15 years ago
So, just for me to understand this correctly:

utm_kids problem is solved now
the "problem" is now well understood by everyone
the only thin left to do is for us (Astaro) to improve the help texts

Or am i getting something wrong?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 kbr over 15 years ago
So, just for me to understand this correctly:

utm_kids problem is solved now
the "problem" is now well understood by everyone
the only thin left to do is for us (Astaro) to improve the help texts

Or am i getting something wrong?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data