>>>>> "MD" == Michael Doerner <[EMAIL PROTECTED]> writes:
MD> I always try to make as less as possible changes to the standard
MD> filter rules. I would start trying to find out, _which_ name this
MD> DNS request it tries to resolve. This might help a lot to detect the
MD> culprit. Did you try to run your name server with more logging
MD> options?
MD> Try "ndc querylog" which turns logging on/off. That should show you
MD> (in the messages file) the sort of DNS request. I usually look into
MD> the file by 'tail -f /var/log/messages' at the same time that the
MD> request comes from other machines/your Win98 client.
I turned on the query log and I see an entry in my /var/log/messages
acknowledging that named has query log on. I rebooted my linux client (I am
unable to reboot my windblows systems remotely but I thought I'd see what
diald would do when any system reboots) and diald is triggered.
My /var/log/messages shows the following:
Nov 23 09:24:56 firewall diald[2346]: Trigger: udp 192.168.0.100/61265
207.198.253.36/53
Port 53 is for name server querying and the 207.x.x.x address is my ISP
nameserver. The 192.x.x.x address is the remote address I specified to
diald as the placeholder address. I have no idea was port 61265 is about.
My local named did not make any entries in my messages log. BTW I think
that the same thing happens when my win98 systems reboot too.
So, again, it seems as if something - and not necessarily windblows, is
causing named to trigger diald when a system simply is booted. Is this
to be expected?
--
Jake Colman
Principia Partners LLC Phone: (201) 946-0300
Harborside Financial Center Fax: (201) 946-0320
902 Plaza II Beeper: (800) 505-2795
Jersey City, NJ 07311 E-mail: [EMAIL PROTECTED]
E-mail: [EMAIL PROTECTED]
web: http://www.ppllc.com
"Every time I think I've idiot-proofed something someone comes up with a
better idiot"
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
