[ previous ] [ next ] [ threads ]
 
 From:  Roberto Greiner <mrgreiner at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Monowall trying to solve Private IPs
 Date:  Thu, 21 Jun 2007 15:29:35 -0300
Hi,

I got a small problem with monowall. Checking our DNS logs, it was found
that monowall is trying to solve names for the IPs behind the NAT:

21-Jun-2007 14:40:22.701 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 234.216.16.172.in-addr.arpa
21-Jun-2007 14:41:57.322 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 190.172.16.172.in-addr.arpa
21-Jun-2007 14:41:57.445 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 251.238.16.172.in-addr.arpa
21-Jun-2007 14:41:58.333 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 208.249.16.172.in-addr.arpa
21-Jun-2007 14:42:02.297 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 244.245.16.172.in-addr.arpa
21-Jun-2007 14:45:56.036 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 104.229.16.172.in-addr.arpa
21-Jun-2007 14:45:56.345 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 74.246.16.172.in-addr.arpa
21-Jun-2007 14:56:04.685 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 251.136.16.172.in-addr.arpa


Our install of Monowall is using captive portal, DHCP is disabled, DNS
forwarder is enabled, WAN addresses is static, no traffic shaper enabled.

Does somebody know if it possible to avoid these name resolution attempts?

Thank you very much,

Marcos Roberto Greiner

-- 
  -----------------------------------------------------
                Marcos Roberto Greiner

   Os otimistas acham que estamos no melhor dos mundos
    Os pessimistas tem medo de que isto seja verdade
                                       Murphy
  -----------------------------------------------------