[ previous ] [ next ] [ threads ]
 
 From:  Paul Barnfather <plb at clanger9 dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Outbound DNS queries showing up as BLOCKED in logs?
 Date:  Tue, 25 Nov 2003 19:42:03 +0100
I have noticed that DNS queries on the WAN interface (sis2) are showing 
up in my firewall log.

For example:

19:25:03.030199 sis2 @0:6 B 212.186.175.183,1345 -> 195.34.133.20,53 PR 
udp len 20 59 OUT
19:25:03.029672 sis2 @0:6 B 212.186.175.183,1344 -> 195.34.133.19,53 PR 
udp len 20 59 OUT

The DNS servers are the ones assigned by my ISP (I'm using the funky new
"Allow DNS server list to be overridden by DHCP/PPP on WAN" feature in pb20)

This is on a net5401. I think this may have also occurred with pb19, 
maybe earlier.

Isn't m0n0wall supposed to automagically add outbound rules to enbable 
such traffic?

Oddly enough, DNS lookups are working fine so I'm not entirely sure 
what's being blocked here(?)