Topic: [solved] Zentyal banned my slave dns

psauxw

  • Guest
[solved] Zentyal banned my slave dns
« on: May 08, 2013, 09:01:46 pm »
Hello all,

I had some problems with "named" on my slave dns server so I think it tried to transfer a zone too many times and got banned by my Zentyal box...

When I run "/etc/init.d/zentyal firewall stop" I can now transfer my zones normally ....

Question is ... how do I unban my slave dns server ? :)

Thanks a lot
« Last Edit: May 28, 2013, 04:34:46 pm by psauxw »

psauxw

  • Guest
Re: Zentyal banned my slave dns
« Reply #1 on: May 08, 2013, 09:24:46 pm »
Found my slave dns IP in the iptables:
fdrop      all  --  xxx.xxx.xxx.xxx         0.0.0.0/0           MAC ! xx:xx:xx:xx:xx:xx
idrop      all  --  xxx.xxx.xxx.xxx         0.0.0.0/0           MAC ! xx:xx:xx:xx:xx:xx

How do I remove that ... :(

psauxw

  • Guest
Re: Zentyal banned my slave dns
« Reply #2 on: May 08, 2013, 10:06:42 pm »
Tried adding
iptables -A INPUT -p all -s xxx.xxx.xxx.xxx -j ACCEPT

iptables -L -n still lists my slave dns' IP being fdrop idrop

psauxw

  • Guest
Re: Zentyal banned my slave dns
« Reply #3 on: May 09, 2013, 03:47:46 pm »
Finally found the real problem.

fdrop      all  --  xxx.xxx.xxx.xxx         0.0.0.0/0           MAC ! xx:xx:xx:xx:xx:xx
idrop      all  --  xxx.xxx.xxx.xxx         0.0.0.0/0           MAC ! xx:xx:xx:xx:xx:xx

Since I changed the IP of the server the "MAC !" rules do not match the server's MAC address anymore...

I really need help to remove or change those 2 rules

psauxw

  • Guest
Re: Zentyal banned my slave dns
« Reply #4 on: May 09, 2013, 05:20:18 pm »
Searching around the forum I've seen this post:

"I didn't test routed networks with Zentyal virtualization module, most of the time, VMs are deployed using bridged mode. The machines need to be in the same network as the host, otherwise nospoof rules drop incoming packets. To bypass nospoof rules run iptables -F fnospoof && iptables -F inospoof."

Does anyone know if I flush those 2 rules... will they re-add themselves later on with the right MAC address?

jmituzas

  • Zen Apprentice
Re: Zentyal banned my slave dns
« Reply #5 on: May 15, 2013, 02:49:18 pm »
I had this same issue when setting up Zentyal as a PDC. What I had to do was write my nameservers to /etc/resolv.conf and then run the command
Code:
chattr +i /etc/resolv.conf
so it can't be re-written. If you need to write to it again the command is
Code:
chattr -i /etc/resolv.conf

Also note within your /etc/resolv.conf file, put your primary DNS server first in the list. Zentyal wants to put 127.0.0.1 first; change this or else it will never use your DNS nameservers.

psauxw

  • Guest
Re: Zentyal banned my slave dns
« Reply #6 on: May 28, 2013, 03:53:53 pm »
Well... the problem is back.

fdrop      all  --  192.168.x.x         0.0.0.0/0           MAC ! XX:XX:XX:XX:XX
idrop      all  --  192.168.x.x         0.0.0.0/0           MAC ! XX:XX:XX:XX:XX

How do I change the "MAC !" so it fits the MAC of my new machine?

psauxw

  • Guest
Re: Zentyal banned my slave dns
« Reply #7 on: May 28, 2013, 04:33:14 pm »
Changing the MAC address in "network ---> object" did the trick ...
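
A check for the situation this thread ends on, added here as an example (not code from any poster or from Zentyal): it compares the MAC pinned in each fdrop/idrop "MAC !" rule with the MAC the firewall currently sees for that IP, so a stale network object shows up before traffic is dropped. It assumes the rule layout quoted in the posts above and the usual `ip neigh` line format; the function name and all sample addresses are constructed.

```shell
#!/bin/sh
# find_mac_mismatch RULES NEIGH   (hypothetical helper, not part of Zentyal)
#   RULES: text of `iptables -L -n`     NEIGH: text of `ip neigh`
# Prints "ip pinned_mac seen_mac" once for every source IP whose anti-spoof
# rule pins a MAC different from the one currently seen for that IP.
find_mac_mismatch() {
    printf '%s\n---\n%s\n' "$2" "$1" | awk '
        $0 == "---" { in_rules = 1; next }
        # Neighbour table part: remember the MAC seen for each IP.
        !in_rules {
            for (i = 1; i < NF; i++)
                if ($i == "lladdr") seen[$1] = tolower($(i + 1))
            next
        }
        # Rule part, e.g.: fdrop all -- 192.0.2.10 0.0.0.0/0 MAC ! aa:bb:..
        NF >= 8 && ($1 == "fdrop" || $1 == "idrop") &&
        $(NF - 2) == "MAC" && $(NF - 1) == "!" {
            ip = $4; pinned = tolower($NF)
            if ((ip in seen) && seen[ip] != pinned && !((ip, pinned) in done)) {
                done[ip, pinned] = 1
                print ip, pinned, seen[ip]
            }
        }'
}

# Constructed sample input (documentation addresses, made-up MACs).
SAMPLE_RULES='Chain fnospoof (1 references)
target     prot opt source               destination
fdrop      all  --  192.0.2.10           0.0.0.0/0           MAC ! 52:54:00:aa:bb:01
fdrop      all  --  192.0.2.20           0.0.0.0/0           MAC ! 52:54:00:aa:bb:02
Chain inospoof (1 references)
target     prot opt source               destination
idrop      all  --  192.0.2.10           0.0.0.0/0           MAC ! 52:54:00:aa:bb:01'
SAMPLE_NEIGH='192.0.2.10 dev eth0 lladdr 52:54:00:cc:dd:99 REACHABLE
192.0.2.20 dev eth0 lladdr 52:54:00:aa:bb:02 STALE'

find_mac_mismatch "$SAMPLE_RULES" "$SAMPLE_NEIGH"
# Live use on the firewall host (as root):
#   find_mac_mismatch "$(iptables -L -n)" "$(ip neigh)"
```

Any IP it reports is one whose network object still carries the old MAC; correcting the object, as in the last post, keeps the anti-spoofing check in place instead of flushing the chains.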