Security Basics mailing list archives

RE: [leaf-user] udp masq entry and dns abuse


From: "Luis.F.Correia" <Luis.F.Correia () seg-social pt>
Date: Tue, 17 Feb 2004 08:44:44 -0000

My uneducated guess is that with this setup, every dnscache
query to the DNS servers, also counts as a NAT connection.

You should move dnscache to your leaf-router to avoid this.
Also, with this setup, you have in fact double NAT.

Web caching is possible using only one eth on your RH9 box.

But again, these are only my 0.02 EUR cents ;)


Luis Correia   
Bering uClibc Team Member

PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 
Key Server: http://pgp.mit.edu



-----Original Message-----
From: greg gede [mailto:mymilis2000 () yahoo com] 
Sent: Tuesday, February 17, 2004 2:59 AM
To: leaf-user; milis securityfocus
Subject: [leaf-user] udp masq entry and dns abuse

Lately I'm having a problem with udp masq entries in my
internet leaf-router, with a lot of messages like this:
IP_MASQ:ip_masq_new(proto=UDP): could not get free masq entry (free=36864)

Here's what my network looks like:
        -------------          -----------------------
        |leaf-router|          |RH9 squid & dnscachex|
to -----|eth0   eth1|---|HUB|--|eth0             eth1|
internet|           |          |                     |
        -------------          -----------------------
                                                    |
                                                    |
                                             |switch|
                                                | | | 
                                     subnet A - | | | 
                                     subnet B --- | |
                                     subnet C ------| 


Every time I stop dnscachex, the messages also stop. Am
I having DNS abuse from my internal network? Or is it
because there are too many clients in my internal
network? How do I deal with it?

Any suggestions will be much appreciated.

regards,
gregor
