[ previous ] [ next ] [ threads ]
 
 From:  "Dixon, Wayne" <wcdixo at aurora dot lib dot il dot us>
 To:  "Roberto Greiner" <mrgreiner at gmail dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Monowall trying to solve Private IPs
 Date:  Thu, 21 Jun 2007 13:50:34 -0500
Roberto:

Are you using NAT on the WAN Address for the internal clients?   If so,
then I'm stumped, otherwise make sure you have NAT Enabled.  You can
also select the Block RFC1918 option on the WAN interface, if you have a
Non RFC1918 WAN address.

Wayne


-----Original Message-----
From: Roberto Greiner [mailto:mrgreiner at gmail dot com] 
Sent: Thursday, June 21, 2007 1:30 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Monowall trying to solve Private IPs


Hi,

I got a small problem with monowall. Checking our DNS logs, it was found
that monowall is trying to solve names for the IPs behind the NAT:

21-Jun-2007 14:40:22.701 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for
234.216.16.172.in-addr.arpa 21-Jun-2007 14:41:57.322 security: warning:
client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for
190.172.16.172.in-addr.arpa 21-Jun-2007 14:41:57.445 security: warning:
client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for
251.238.16.172.in-addr.arpa 21-Jun-2007 14:41:58.333 security: warning:
client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for
208.249.16.172.in-addr.arpa 21-Jun-2007 14:42:02.297 security: warning:
client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for
244.245.16.172.in-addr.arpa 21-Jun-2007 14:45:56.036 security: warning:
client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for
104.229.16.172.in-addr.arpa 21-Jun-2007 14:45:56.345 security: warning:
client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for 74.246.16.172.in-addr.arpa
21-Jun-2007 14:56:04.685 security: warning: client a.b.c.d#1510: view
internal: RFC 1918 response from Internet for
251.136.16.172.in-addr.arpa


Our install of Monowall is using captive portal, DHCP is disabled, DNS
forwarder is enabled, WAN addresses is static, no traffic shaper
enabled.

Does somebody know if it possible to avoid these name resolution
attempts?

Thank you very much,

Marcos Roberto Greiner

-- 
  -----------------------------------------------------
                Marcos Roberto Greiner

   Os otimistas acham que estamos no melhor dos mundos
    Os pessimistas tem medo de que isto seja verdade
                                       Murphy
  -----------------------------------------------------

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch