[lug] using tcpdump to emulate effects of packet dump
Jeffrey Siegal
jbs at quiotix.com
Fri Jul 18 03:11:24 MDT 2003
D. Stimits wrote:
> The linux side does not *always* break when port 1026 is blocked, but
> due to the way ports are used for DNS, sometimes name servers *do* use
> that port...it is a response to what the requesting box says is an open
> port when under linux. If by random chance a dns request has 1026 open
> as the first udp port above 1023, then dns will hang.
You can get your linux box to always use port 53 for DNS requests if you
want by running a caching nameserver locally and configuring it to
make requests on port 53.
>> The purpose of the caching server is to allow DNS to work without having
>> the Windows boxes doing the queries themselves. They query the caching
>> server, the caching server does the queries. The filter *does* allow
>> UDP to go to the caching server, which is safe because you're running a
>> secure operating system (and DNS server) there, not Windows. Or
>> you can configure it to do its outgoing DNS requests on port 53, and
>> block the rest. Either way.
>
> Doesn't it require an IP address?
I think you could do something with header rewriting that wouldn't
require an IP address; at least not a public one.
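A BIND 9 `named.conf` fragment for the caching-server setup described above, added here as an illustration rather than anything posted in the thread; `192.0.2.10` and `192.0.2.0/24` are placeholder addresses, and pinning the query source port is the 2003-era approach the post describes (current resolvers randomize the source port instead, so treat this as the trade-off the filter rule buys):

```conf
options {
    directory "/var/named";

    // Send the server's own recursive queries from a fixed source port,
    // so the packet filter only has to admit UDP 53 -> 53 for this host
    // instead of the whole range of ephemeral ports above 1023.
    // The address is a placeholder for the caching server's own address.
    query-source address 192.0.2.10 port 53;

    // Only the LAN (placeholder prefix) and localhost may ask this
    // server to resolve names; it is not an open resolver.
    allow-query { 192.0.2.0/24; 127.0.0.1; };
    recursion yes;
};
```

With this in place the filter can accept inbound UDP to the caching server with source and destination port 53 (upstream answers come back 53 -> 53) and drop the remaining inbound UDP, including port 1026.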