Re: [Dnsmasq-discuss] dnsmasq / dns server / iptables config glitch?
Thought I had a simple problem but I don't really find anything relevant on the web and I'm not getting any responses to my questions here.

Just a pointer in the right direction would be helpful - something to put me back on the scent?

Thanks
Adam

Adam Hardy on 20/11/09 20:38, wrote:
> I have a lan with a gateway machine running an ADSL modem and two NICs with iptables and dnsmasq. It also runs mysql and tomcat but is currently just a simple gateway, I'm not trying to configure any DMZ or fancier stuff like that.
>
> My problem is that I can access mysql using 'localhost:3306' but I can't access it on the same box when using the machine name e.g. 'isengard:3306' and my guess is that I have mis-configured either dnsmasq or iptables.
>
> I figure that my command
>
>     mysql --host=isengard
>
> is probably being resolved as external and then getting blocked by the firewall.
>
> My dnsmasq config file, based on the example config but with comments removed, is:
>
>     domain-needed
>     bogus-priv
>     filterwin2k
>     local=/localdomain/
>     domain=localdomain
>     dhcp-range=192.168.0.3,192.168.0.254
>     dhcp-option=option:router,192.168.0.2
>     dhcp-option=option:mtu,1500
>
> and my resolv.conf file is:
>
>     nameserver 194.74.65.68
>
> and I think this is getting continually rewritten by dhcp with the nameserver info from the dhcp server on the modem which gives the outside NIC its internet ip address.
>
> Does this make any sense? Or rather does anyone see where my situation is foobarred?
Re: [Dnsmasq-discuss] dnsmasq / dns server / iptables config glitch?
Silly thought but - is mysql configured to listen to 127.0.0.1 only?

Something like

    sudo netstat -napt | grep 3306

ought to show if mysql is listening on 127.0.0.1:3306 or 0.0.0.0:3306.

Regards,
Mark

Adam Hardy wrote:
> Thought I had a simple problem but I don't really find anything relevant on the web and I'm not getting any responses to my questions here.
>
> Just a pointer in the right direction would be helpful - something to put me back on the scent?
>
> Thanks
> Adam
>
> Adam Hardy on 20/11/09 20:38, wrote:
> > I have a lan with a gateway machine running an ADSL modem and two NICs with iptables and dnsmasq. It also runs mysql and tomcat but is currently just a simple gateway, I'm not trying to configure any DMZ or fancier stuff like that.
> >
> > My problem is that I can access mysql using 'localhost:3306' but I can't access it on the same box when using the machine name e.g. 'isengard:3306' and my guess is that I have mis-configured either dnsmasq or iptables.
> >
> > I figure that my command
> >
> >     mysql --host=isengard
> >
> > is probably being resolved as external and then getting blocked by the firewall.
> >
> > My dnsmasq config file, based on the example config but with comments removed, is:
> >
> >     domain-needed
> >     bogus-priv
> >     filterwin2k
> >     local=/localdomain/
> >     domain=localdomain
> >     dhcp-range=192.168.0.3,192.168.0.254
> >     dhcp-option=option:router,192.168.0.2
> >     dhcp-option=option:mtu,1500
> >
> > and my resolv.conf file is:
> >
> >     nameserver 194.74.65.68
> >
> > and I think this is getting continually rewritten by dhcp with the nameserver info from the dhcp server on the modem which gives the outside NIC its internet ip address.
> >
> > Does this make any sense? Or rather does anyone see where my situation is foobarred?
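The bind-address check suggested in the reply above, worked through as an added example (not code from anyone in this thread). The netstat lines are constructed, the function names are hypothetical, and the machine name is assumed to resolve to the gateway's LAN address 192.168.0.2 from the posted dnsmasq config.

```shell
#!/bin/sh
# Added example. Sample lines are constructed, in `netstat -napt` column layout.
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      1234/mysqld
tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN      2345/java'

# listener_scope PORT  (netstat output on stdin)
# Prints one word per LISTEN socket on PORT: loopback | all | <bound address>
listener_scope() {
    awk -v port="$1" '
        $6 == "LISTEN" {
            n = split($4, parts, ":")            # Local Address is addr:port
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            if (addr ~ /^127\./ || addr == "::1")        print "loopback"
            else if (addr == "0.0.0.0" || addr == "::")  print "all"
            else                                         print addr
        }'
}

# reachable DEST_IP PORT  (netstat output on stdin)
# Exit 0 if a listener on PORT is bound where a connection to DEST_IP lands.
# Says nothing about iptables, which is checked separately.
reachable() {
    dest=$1
    for scope in $(listener_scope "$2"); do
        case "$scope" in
            all)      return 0 ;;
            loopback) case "$dest" in 127.*|::1) return 0 ;; esac ;;
            "$dest")  return 0 ;;
        esac
    done
    return 1
}

# localhost resolves to 127.0.0.1; the machine name is assumed to resolve to
# the gateway's LAN address, 192.168.0.2.
for ip in 127.0.0.1 192.168.0.2; do
    if printf '%s\n' "$SAMPLE" | reachable "$ip" 3306; then
        echo "$ip:3306 has a listener"
    else
        echo "$ip:3306 refused: mysqld is not bound to that address"
    fi
done
```

On the live box, pipe `sudo netstat -napt` into `listener_scope 3306` instead of the sample. On a two-NIC gateway a result of `all` includes the internet-facing interface, so the iptables rules for that port decide who can reach it.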
Re: [Dnsmasq-discuss] dnsmasq / dns server / iptables config glitch?
> My dnsmasq config file, based on the example config but with comments removed, is:
>
>     domain-needed
>     bogus-priv
>     filterwin2k
>     local=/localdomain/
>     domain=localdomain
>     dhcp-range=192.168.0.3,192.168.0.254
>     dhcp-option=option:router,192.168.0.2
>     dhcp-option=option:mtu,1500
>
> and my resolv.conf file is:
>
>     nameserver 194.74.65.68

I have a very similar configuration. I think you are close but you may need to tweak your DHCP client. I also have a couple additional lines in my dnsmasq.conf.

My /etc/dnsmasq.conf:

    domain-needed
    bogus-priv
    server=/morgan.local/127.0.0.1
    local=/morgan.local/
    expand-hosts
    domain=morgan.local
    dhcp-range=192.168.0.100,192.168.0.199,4h
    dhcp-option=3,192.168.0.1
    dhcp-option=6,192.168.0.1
    bogus-nxdomain=208.67.217.130 #OpenDNS
    bogus-nxdomain=208.69.32.132 #OpenDNS
    log-facility=/var/log/dnsmasq

Take a look at man dhclient.conf to see what might make sense for your configuration. I think prepend domain-name-servers 127.0.0.1 may be all you need.

My /etc/dhclient-eth0.conf:

    supersede domain-name morgan.local;
    supersede domain-name-servers 127.0.0.1,208.67.222.222,208.67.220.220; #OpenDNS
    send host-name bricknix; # temporary RHL ifup addition

Regards,
Brad