I wasn't paying attention to the Service ID.....
It is a DNS Lookup.... Don't know what the heck
1025 is.....
Try the following rules inhibit DNS to DNS Server
Lookups, but allow Non-DNS to DNS Lookups:
# Don't bring up on domain name requests between two running nameds.
ignore udp udp.dest=udp.domain,udp.source=udp.domain
# Bring up the network whenever we make a domain request from someplace
# other than named.
accept udp 60 udp.dest=udp.domain
accept udp 60 udp.source=udp.domain
Do you have DNS enabled on your Win98 Machines. If so, do you
have there DNS Lookup pointed to a Server on the Internet, or Local ?
----- Original Message -----
From: Matt Hoppes <[EMAIL PROTECTED]>
To: Ben Johnson <[EMAIL PROTECTED]>
Cc: Linux - Diald <[EMAIL PROTECTED]>
Sent: Tuesday, November 16, 1999 6:43 PM
Subject: Re: FILTERED
> I don't understand though why the DNS server would be bringing the link up
> because I have this in the standard.filter file that loads from
> diald.conf:
>
> # Keep named xfers from holding the link up
> ignore tcp tcp.dest=tcp.domain
> ignore tcp tcp.source=tcp.domain
>
> Matt
>
> On Tue, 16 Nov 1999, Ben Johnson wrote:
>
> > Date: Tue, 16 Nov 1999 15:34:12 -0800
> > From: Ben Johnson <[EMAIL PROTECTED]>
> > To: Matt Hoppes <[EMAIL PROTECTED]>
> > Subject: Re: FILTERED
> >
> > 53 is the DNS port. These are DNS lookups. I can't tell if they're
> > coming fron a name server on your network or not. Now play with the
> > rules for a little while until it's functionin the way you want it to.
> > There should be a couple files that came with diald that contain many
> > commented examples. Also ther's the diald man page and the
> > diald-examples man page for some excelent info.
> >
> > consult the /etc/services file for info on ports and services.
> >
> > - Ben
> >
> > On Tue, Nov 16, 1999 at 06:18:38PM -0500, Matt Hoppes wrote:
> > > Ok,
> > > here is what diald gives me... anyone make heads or tales out of this
and
> > > tell me what it is or how to read it? I'm guessing that the problem
has
> > > to do with my DNS server because of the h.root-servers.net. How would
I
> > > fix this?
> > >
> > >
> > >
> > > Nov 16 23:05:07 ics diald[362]: filter accepted rule 25 proto 17 len
45
> > > packet 10.1.1.1,1025 => 128.63.2.53,53
> > > (128.63.2.53 resolves to be h.root-servers.net)
> > >
> > >
> > > these where also accepted on rule 25 (but after it started to dial):
> > >
> > > Nov 16 23:05:10 ics diald[362]: filter accepted rule 25 proto 17 len
45
> > > packet 10.1.1.1,1025 => 202.12.27.33,53
> > > (202.12.27.33 resolves to m.root-servers.net)
> > >
> > > Nov 16 23:05:14 ics diald[362]: filter accepted rule 25 proto 17 len
45
> > > packet 10.1.1.1,1025 => 192.5.5.241,53
> > > (192.5.5.241 resolves to f.root-servers.net)
> > >
> > >
> > > -
> > > To unsubscribe from this list: send the line "unsubscribe linux-diald"
in
> > > the body of a message to [EMAIL PROTECTED]
> >
> > --
> >
> >
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> the body of a message to [EMAIL PROTECTED]
>
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
