-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 02/13/2017 10:26 PM, John Knight Jr wrote: > I've been using shorewall for years but I can't seem to figure this > one out. > > When I try to access 'www.walgreens.com' the DNS resolver times out > with shorewall running. > > I've narrowed it down to their asset storage on > www.wag-static.com. > > Using the following command: > > dig +trace www.wag-static.com > > When shorewall is stopped, the query succeeds. > > If shorewall is active, the query times out trying to access > walgreen's name servers. > > I've attached a shorewall dump. > > Thousands of other queries work fine, this one gets stuck > somewhere. >
Is their authoritative name server listed in your Blacklistnets ipset? - -Tom - -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJYpNqaAAoJEJbms/JCOk0Qo+QQAKf22LUJIIZt8Al7bpMJf1ff qd9OZNt6KD7CA0RURi/h/XlLZvzNz/vhAwisNLFqadI/N3nOLp1Z3JYjRm+7miTZ Eb6ADROJNlpZ7sJf7spsU9a6LDIdWcPoETo9D7fmrQYai5st5fe6vYNSiSGvDkfc uCmtT6xCc/S3QB6fKn/Pe9Cvm7O96sIcb6qcuwdL5J9mfhoIDwwGbiPi/qABVXN2 GufNF0PS+PBt2Ksmk7iH99RITCv33zvargu2WGpBHwXN71QV/cU6OuUmodTy4QcA 2ETLjINt+0jK1kiBCQ40wgxC5w/pPMuOiYTc2yZMMIEGTY2PQ8BOxngl9IXHO7zC 9fejRkEc4m2Lt9MPEYwDp1WD1nOSZ1fgK+bYEnTdSUc/WOaJypYxPfk5s1Uxa3OV N7fowakpzjhZywMj9YEEj18nsVwqtJTGtRcEeWrwEhSoJLky9NdXpBrmWdtyM2zg umkiq9Esgu3LLPuSokr15+Dlh5X5qWs5eOt0LPPGacaUi8PgVY9wXzfhzLt6gGDu g2m622P4HT0T6dQ7V3X9LbSEB3ABYJ5Hee/gIHNvE/oYS6JARkXNNBx7YtavYM/L l2v31s1YIYeUWx/ULEitn4OSA1J3pwz/ZF23mF4/2W4ZohpbyBRJpCoWvYBDjhsP 4Gcra66PSc8bOy9VaSGy =jUeh -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
