Re: DNS Help

  • From: "Jim Harrison" <jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 6 Feb 2002 07:15:11 -0800

Those are all DNS queries (UDP-53) and one SMTP packet from 192.146.150.3
(TCP-25).

What's happening is that the PF service is rejecting the packets.
Exactly how are your packet filters defined?

Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison/
Read the books!

----- Original Message -----
From: "Raji Arulambalam" <rajia@xxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, February 05, 2002 19:44
Subject: [isalist] DNS Help


http://www.ISAserver.org


Hi

I am hosting a DNS server on the ISA server. I have set up packet filters
etc as in KB articles Q292278, Q291662 to answer DNS queries and zone
transfers.

Can someone explain why these are blocked /  what do they mean... taken from
the Packet Filter logs.
2/6/2002, 0:02:55, 62.168.72.75, 192.146.150.10, Udp, 2656, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:00, 62.168.72.75, 192.146.150.10, Udp, 2647, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:04, 62.168.72.75, 192.146.150.10, Udp, 2647, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:12, 62.168.72.75, 192.146.150.10, Udp, 2664, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:17, 62.168.72.75, 192.146.150.10, Udp, 2664, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:21, 62.168.72.75, 192.146.150.10, Udp, 2664, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:46, 192.146.150.3, 210.48.22.151, Tcp, 59309, 25, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:52, 62.168.72.75, 192.146.150.10, Udp, 2668, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:03:57, 62.168.72.75, 192.146.150.10, Udp, 2668, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:04:01, 62.168.72.75, 192.146.150.10, Udp, 2668, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 0:39:56, 195.101.94.7, 192.146.150.100, Udp, 1688, 53, -, BLOCKED,
192.146.150.3, -, -
2/6/2002, 15:49:42, 203.97.32.5, 192.146.150.100, Udp, 37898, 53, -,
BLOCKED, 192.146.150.3, -, -
2/6/2002, 15:37:24, 209.81.9.151, 192.146.150.100, Udp, 2871, 53, -,
BLOCKED, 192.146.150.3, -, -
2/6/2002, 15:12:02, 208.24.179.207, 192.146.150.100, Udp, 52983, 53, -,
BLOCKED, 192.146.150.3, -, -
2/6/2002, 15:09:36, 202.7.15.13, 192.146.150.100, Udp, 59100, 53, -,
BLOCKED, 192.146.150.3, -, -
2/6/2002, 15:09:40, 202.7.15.13, 192.146.150.100, Udp, 59100, 53, -,
BLOCKED, 192.146.150.3, -, -
2/6/2002, 15:09:41, 202.7.15.13, 192.146.150.100, Udp, 59100, 53, -,
BLOCKED, 192.146.150.3, -, -
2/6/2002, 15:09:45, 202.7.15.61, 192.146.150.100, Udp, 62862, 53, -,
BLOCKED, 192.146.150.3, -, -
2/6/2002, 15:09:45, 202.7.15.61, 192.146.150.100, Udp, 62862, 53, -,
BLOCKED, 192.146.150.3, -, -

If these are for Reverse lookups (there are mail systems that now do these
before accepting mail.) how do I allow it.??

Thanks

---------------------------------------------
  Raji Arulambalam
  Systems Administrator
  Bay of Plenty REGIONAL Council
  P O Box 364 Whakatane.
  NEW ZEALAND
  Phone: 0800 ENV BOP (0800 368 267) +64 7 922 3390
  Fax:    0800 ENV FAX (0800 368 329) +64 7 922 3393
  http://envbop.govt.nz
--------------------------------------------
Ed Rooney:  I don't trust this kid any farther than I can throw him. Grace:
With your bad knee Ed, you shouldn't throw anybody.



******************************************************
This e-mail has been checked for viruses and no viruses were detected.

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 02-2002