ns_forw: operation not permitted
Bill Manning
bmanning at ISI.EDU
Sun Aug 27 20:03:27 UTC 2000
Blackhole is an authorized server for RFC 1918 address space.
It appears your DNS,Firewall combo is correctly recognizing
blackhole as the authorized server for these queries in the public
Internet and is attempting to send queries there but is blocked.
To me, it seems that your not quite "air-tight" and Internet information
is leaking into your private network.
%
% Hi All,
%
% I'm trying to put a new firewall inplace and am receiving the following
% messages in /var/log/messages
%
% Aug 26 17:30:35 unity named[367]: ns_forw: sendto([128.9.64.26].53):
% Operation not permitted
%
% Aug 26 17:30:35 unity kernel: Packet log: output REJECT eth0 PROTO=17
% 208.190.133.161:1067 128.9.64.26:53 L=67 S=0x00 I=26825 F=0x0000 T=64
% (#81)
%
%
% 128.9.64.26 is blackhole.isi.edu
%
% I understand that ns_forw indicates that the server needs to query some
% other server to fulfill a request but I have not been able to tack down
% the source of the message.
%
% Everything on the private network seems to be working correctly...
%
% Any help would be appreciated...
%
%
% Sent via Deja.com http://www.deja.com/
% Before you buy.
%
%
%
--
--bill
More information about the bind-users
mailing list