Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 3 subscribers
  • Views 680 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

2 issues with v3.2

tank
1. Astaro continues to try and access the root DNS servers on port 53.  I have the DNS proxy setup with an internal DNS server which I have tested and works correctly.  I have seen another user report this error also.

2. Dest: Any
   Service: IDENT
   Source: Any
   Action: Reject
Set as the very first rule, does not seem to do what it says.  I still see logs of the IDENT being dropped.  I have noticed similiar behavior when using "Any" but not always.


This thread was automatically locked due to age.
  • 0
    Try editing /etc/resolv.conf. You should replace 127.0.0.1 with your dns server address. Note that some services may use a different resolv.conf (chrooted) so you must change resolv.conf in every /var/chroot-*/etc/resolv.conf too. Also, be sure to allow dns access from asl box to your nameserver.
  • 0 in reply to KillJoy
    issue2: use the ip address you see in livelog as destination for your rule - not any .. this will work, since it's incoming traffic to the firewall and no forwarding traffic