On Mon, 8 Jul 2002, Jim Van Eeckhoutte wrote:
> ---------- Original Message ----------------------------------
> From: "Jim Van Eeckhoutte" <jim@vaneeckhoutte.com>
> Reply-To: <jim@vaneeckhoutte.com>
> Date: Mon, 8 Jul 2002 15:27:14 -0700
>
> this is shorewall status output:
>
> tcp 6 431899 ESTABLISHED src=192.168.20.5 dst=64.4.12.45 sport=2185
dport=1863 src=64.4.12.45 dst=63.25.123.58 sport=1863 dport=2185 [ASSURED] use=1
> udp 17 30 src=192.168.20.5 dst=192.168.20.254 sport=2359 dport=53
[UNREPLIED] src=192.168.20.254 dst=192.168.20.5 sport=53 dport=2359 use=1
> tcp 6 431999 ESTABLISHED src=192.168.20.5 dst=192.168.20.254
sport=2130 dport=22 src=192.168.20.254 dst=192.168.20.5 sport=22 dport=2130
[ASSURED] use=1
> udp 17 28 src=192.168.20.5 dst=192.168.20.254 sport=2358 dport=53
[UNREPLIED] src=192.168.20.254 dst=192.168.20.5 sport=53 dport=2358 use=1
>
> i have dnscache.lrp and daemontl.lrp running on bering box. When setting
> client to point to bering router as dns , it cant resolve. Is there a
> reason why the above is UNREPLIED?
Because either dnscache hasn''t replied (do you have rules allowing DNS
queries from the firewall to the internet at large?) or you have a routing
problem such that there isn''t a route back to 192.168.20.5 (I think you
would have noticed that before however).
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net