Whois - unable to connect.
Simon Slater
pyevet at aapt.net.au
Thu Nov 20 03:07:26 UTC 2008
On Thu, 2008-11-20 at 11:25 +1100, Simon Slater wrote:
>
> On Thu, 2008-11-20 at 07:25 +0800, Ed Greshko wrote:
> > Simon Slater wrote:
> > > On Thu, 2008-11-20 at 06:43 +0800, Ed Greshko wrote:
> > >
> > >>> I suppose the config file is the first place to look, but what
> > >>>
> > >> is the
> > >>
> > >>> relevant section? Couldn't see anything relevant in bugzilla. I'm
> > >>> using F8 if that makes a difference.
> > >>>
> > >>>
> > >>>
> > >> Q1 Are all whois requests timing out or just this one? e.g. whois
> > >> cnn.com works? fails?
> > >>
> > >>
> > > [simon at ipex ~]$ whois cnn.com
> > > [Querying whois.verisign-grs.com]
> > > [Unable to connect to remote host]
> > > [simon at ipex ~]$
> > > All for the past while, Ed, but not sure when it started.
> > >
> > >> Q2 Have you tried something like wireshark or tcpdump and filtered
> > >> on
> > >> port 43 (whois port)?
> > >>
> > >>
> > > Nothing at all on wireshark port 43 TCP nor UDP. So the request is not
> > > being sent at all?
> > >
> > Right... Not going out at all.... Something with your firewall setup?
> >
> I think I got the iptables syntax wrong on that try. Someone's just
> dropped in. I'll post back soon with the results.
>
Back again. I made changes to the iptables rules but still no joy. The
changes must not be correct because in the logs are:
Nov 20 13:59:14 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.172.32 DST=192.149.252.44 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=6278 DF PROTO=TCP SPT=40743 DPT=43 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 20 13:59:17 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.172.32 DST=192.149.252.44 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=6279 DF PROTO=TCP SPT=40743 DPT=43 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 20 13:59:26 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.172.32 DST=199.43.0.144 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=46068 DF PROTO=TCP SPT=50299 DPT=43 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 20 13:59:29 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.172.32 DST=199.43.0.144 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=46069 DF PROTO=TCP SPT=50299 DPT=43 WINDOW=5840 RES=0x00 SYN URGP=0
Nov 20 13:59:33 ipex kernel: [IPTABLES DROP] : IN= OUT=ppp0
SRC=59.101.172.32 DST=199.7.51.74 LEN=60 TOS=0x00 PREC=0x00 TTL=64
ID=46927 DF PROTO=TCP SPT=44984 DPT=43 WINDOW=5840 RES=0x00 SYN URGP=0
The additions to the iptable rules are in the snipped listing below.
What did I do wrong?
[root at ipex ~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp
echo-reply
ACCEPT icmp -- anywhere anywhere icmp
destination-unreachable
ACCEPT tcp -- anywhere anywhere multiport
sports http,https state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere multiport
dports http,https state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp
spt:domain state ESTABLISHED
ACCEPT udp -- anywhere anywhere udp
spt:domain state ESTABLISHED
ACCEPT tcp -- anywhere anywhere multiport
sports smtp,pop3,nntp state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp
dpt:smtp state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp
dpt:nicname state ESTABLISHED
ACCEPT udp -- anywhere anywhere udp
dpt:nicname state ESTABLISHED
<SNIP>
Chain FORWARD (policy DROP)
target prot opt source destination
<SNIP>
ACCEPT tcp -- anywhere anywhere tcp
dpt:nicname
ACCEPT udp -- anywhere anywhere udp
dpt:nicname
LOG_DROP all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
<SNIP>
ACCEPT tcp -- anywhere anywhere tcp
spt:nicname state NEW,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp
spt:nicname state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp
dpt:ftp-data state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp
spts:1024:65535 dpts:1024:65535 state NEW,RELATED,ESTABLISHED
ACCEPT all -- anywhere 192.168.0.0/24
ACCEPT udp -- default 255.255.255.255 udp
spt:bootps dpt:bootpc
<SNIP>
ACCEPT all -- ipex.local 192.168.0.0/24
LOG_DROP all -- anywhere anywhere
Chain LOG_ACCEPT (8 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level
warning prefix `[IPTABLES ACCEPT] : '
ACCEPT all -- anywhere anywhere
Chain LOG_DROP (3 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level
warning prefix `[IPTABLES DROP] : '
DROP all -- anywhere anywhere
--
Regards,
Simon Slater
Registered Linux User #463789. Be counted at: http://counter.li.org/
More information about the fedora-list
mailing list