HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Something blocking port 53 (http://www.howtoforge.com/forums/showthread.php?t=52146)

stigge2000 3rd April 2011 13:33

Something blocking port 53
 
HI!

I think there must be a proggy that blocks port 53, but i dont know what.

I have talked to the guys where i rent the server, and they assure me that there is NO firewall between me and the web, the only firewall i got is the one i installs myself.

I have uninstalled IPTABLES, disabled SELINUX and inactivated the ISPCONFIG firewall..
and after i rebooted i ran NMAP to check, here's the result:

Quote:

[root@dns1 ~]# nmap -sU -sT -p U:1-100,T:1-100 87.237.215.243

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-04-03 13:18 CEST
Interesting ports on ns2.mydomain.se (87.237.215.243):
Not shown: 196 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http

Nmap finished: 1 IP address (1 host up) scanned in 0.020 seconds
and then i tried to DIG my public IP:

Quote:

[root@dns1 ~]# dig @87.237.215.243 stjarnas.se

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @87.237.215.243 mydomain.se
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
and then i listed some stuff:

Quote:

[root@dns1 ~]# lsof -i -n -P
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
portmap 2222 rpc 3u IPv4 5544 UDP *:111
portmap 2222 rpc 4u IPv4 5545 TCP *:111 (LISTEN)
rpc.statd 2285 rpcuser 3u IPv4 5657 UDP *:768
rpc.statd 2285 rpcuser 6u IPv4 5647 UDP *:765
rpc.statd 2285 rpcuser 7u IPv4 5671 TCP *:771 (LISTEN)
sshd 2552 root 3u IPv6 7559 TCP *:22 (LISTEN)
cupsd 2565 root 4u IPv4 7602 TCP 127.0.0.1:631 (LISTEN)
cupsd 2565 root 6u IPv4 7605 UDP *:631
clamd 2581 clamav 5u IPv4 7651 TCP 127.0.0.1:3310 (LISTEN)
mysqld 2666 mysql 10u IPv4 7758 TCP *:3306 (LISTEN)
mysqld 2666 mysql 95u IPv4 14106 TCP 127.0.0.1:3306->127.0.0.1:39287 (ESTABLISHED)
mysqld 2666 mysql 96u IPv4 14107 TCP 127.0.0.1:3306->127.0.0.1:39288 (ESTABLISHED)
dovecot 2698 root 6u IPv4 7805 TCP *:143 (LISTEN)
dovecot 2698 root 7u IPv6 7806 TCP *:143 (LISTEN)
dovecot 2698 root 8u IPv4 7807 TCP *:993 (LISTEN)
dovecot 2698 root 9u IPv6 7808 TCP *:993 (LISTEN)
dovecot 2698 root 10u IPv4 7809 TCP *:110 (LISTEN)
dovecot 2698 root 11u IPv6 7810 TCP *:110 (LISTEN)
dovecot 2698 root 12u IPv4 7811 TCP *:995 (LISTEN)
dovecot 2698 root 13u IPv6 7812 TCP *:995 (LISTEN)
amavisd 2744 amavis 6u IPv4 8000 TCP 127.0.0.1:10024 (LISTEN)
master 2814 root 11u IPv4 8256 TCP *:25 (LISTEN)
master 2814 root 101u IPv4 8374 TCP 127.0.0.1:10025 (LISTEN)
amavisd 2875 amavis 6u IPv4 8000 TCP 127.0.0.1:10024 (LISTEN)
amavisd 2875 amavis 14u IPv4 14105 TCP 127.0.0.1:39287->127.0.0.1:3306 (ESTABLISHED)
amavisd 2876 amavis 6u IPv4 8000 TCP 127.0.0.1:10024 (LISTEN)
amavisd 2876 amavis 14u IPv4 14104 TCP 127.0.0.1:39288->127.0.0.1:3306 (ESTABLISHED)
httpd 2878 root 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 2878 root 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 2878 root 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 2882 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 2882 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 2882 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
pure-ftpd 2894 root 4u IPv4 8645 TCP *:21 (LISTEN)
pure-ftpd 2894 root 5u IPv6 8646 TCP *:21 (LISTEN)
avahi-dae 3000 avahi 13u IPv4 8905 UDP *:5353
avahi-dae 3000 avahi 14u IPv6 8906 UDP *:5353
avahi-dae 3000 avahi 15u IPv4 8907 UDP *:59623
avahi-dae 3000 avahi 16u IPv6 8908 UDP *:47608
httpd 3089 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3089 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3089 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3090 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3090 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3090 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3091 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3091 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3091 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3092 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3092 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3092 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3093 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3093 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3093 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3094 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3094 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3094 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3095 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3095 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3095 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3096 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3096 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3096 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
sshd 3131 root 3u IPv6 9191 TCP 87.237.215.243:22->90.227.9.150:23918 (ESTABLISHED)
pop3-logi 7223 dovecot 4u IPv4 7809 TCP *:110 (LISTEN)
pop3-logi 7223 dovecot 5u IPv6 7810 TCP *:110 (LISTEN)
pop3-logi 7223 dovecot 6u IPv4 7811 TCP *:995 (LISTEN)
pop3-logi 7223 dovecot 7u IPv6 7812 TCP *:995 (LISTEN)
named 7788 named 20u IPv6 26828 TCP [::1]:53 (LISTEN)
named 7788 named 21u IPv4 26830 TCP 127.0.0.1:53 (LISTEN)
named 7788 named 22u IPv4 26831 TCP 127.0.0.1:953 (LISTEN)
named 7788 named 23u IPv6 26832 TCP [::1]:953 (LISTEN)
named 7788 named 512u IPv6 26827 UDP [::1]:53
named 7788 named 513u IPv4 26829 UDP 127.0.0.1:53
imap-logi 8444 dovecot 4u IPv4 7805 TCP *:143 (LISTEN)
imap-logi 8444 dovecot 5u IPv6 7806 TCP *:143 (LISTEN)
imap-logi 8444 dovecot 6u IPv4 7807 TCP *:993 (LISTEN)
imap-logi 8444 dovecot 7u IPv6 7808 TCP *:993 (LISTEN)
pop3-logi 8447 dovecot 4u IPv4 7809 TCP *:110 (LISTEN)
pop3-logi 8447 dovecot 5u IPv6 7810 TCP *:110 (LISTEN)
pop3-logi 8447 dovecot 6u IPv4 7811 TCP *:995 (LISTEN)
pop3-logi 8447 dovecot 7u IPv6 7812 TCP *:995 (LISTEN)
imap-logi 8518 dovecot 4u IPv4 7805 TCP *:143 (LISTEN)
imap-logi 8518 dovecot 5u IPv6 7806 TCP *:143 (LISTEN)
imap-logi 8518 dovecot 6u IPv4 7807 TCP *:993 (LISTEN)
imap-logi 8518 dovecot 7u IPv6 7808 TCP *:993 (LISTEN)
smtpd 8587 postfix 6u IPv4 8256 TCP *:25 (LISTEN)
smtpd 8633 postfix 6u IPv4 8256 TCP *:25 (LISTEN)
smtpd 8633 postfix 13u IPv4 29338 TCP 87.237.215.243:25->95.179.84.80:25706 (ESTABLISHED)
smtpd 8633 postfix 17u IPv4 29345 UDP 87.237.215.243:40839->64.59.135.133:53
smtpd 8633 postfix 18u IPv4 29346 UDP 87.237.215.243:50465->64.59.135.135:53
pop3-logi 8737 dovecot 4u IPv4 7809 TCP *:110 (LISTEN)
pop3-logi 8737 dovecot 5u IPv6 7810 TCP *:110 (LISTEN)
pop3-logi 8737 dovecot 6u IPv4 7811 TCP *:995 (LISTEN)
pop3-logi 8737 dovecot 7u IPv6 7812 TCP *:995 (LISTEN)
imap-logi 8738 dovecot 4u IPv4 7805 TCP *:143 (LISTEN)
imap-logi 8738 dovecot 5u IPv6 7806 TCP *:143 (LISTEN)
imap-logi 8738 dovecot 6u IPv4 7807 TCP *:993 (LISTEN)
imap-logi 8738 dovecot 7u IPv6 7808 TCP *:993 (LISTEN)
What can be blocking my 53 port??

stigge2000 3rd April 2011 13:36

and this is what happends when i scan only port 53:

Quote:

nmap -sU -sT -p U:53,T:53 87.237.215.243

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-04-03 13:34 CEST
Interesting ports on ns2.mydomain.se (87.237.215.243):
PORT STATE SERVICE
53/tcp closed domain
53/udp closed domain

Nmap finished: 1 IP address (1 host up) scanned in 0.013 seconds

falko 4th April 2011 12:26

What are the outputs of
Code:

netstat -tap
Code:

netstat -uap
Code:

iptables -L
?

stigge2000 4th April 2011 18:11

Hi Falko!

The great news is that i found out that it was BIND that was incorrect,
in the /etc/named.conf i changed the

Quote:

listen-on port 53 { localhost; };
to

Quote:

listen-on port 53 { any; };
and after that all the pieces came together i think.... or atleast it works now.

The only diffrence I can see from my setup, and the setup you wrote in the perfectserver tutorial is that I have a public IP...


but heres the outputs, maybe you can see something strange that i should fix before the server crash :)

(and btw. thx for a great community, and awsome guides)

Quote:

[root@dns1 ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:imaps *:* LISTEN 2703/dovecot
tcp 0 0 *:pop3s *:* LISTEN 2703/dovecot
tcp 0 0 localhost.localdomain:10024 *:* LISTEN 2749/amavisd (maste
tcp 0 0 *:wpages *:* LISTEN 2290/rpc.statd
tcp 0 0 localhost.localdomain:10025 *:* LISTEN 2819/master
tcp 0 0 *:mysql *:* LISTEN 2671/mysqld
tcp 0 0 *:pop3 *:* LISTEN 2703/dovecot
tcp 0 0 localhost.local:dyna-access *:* LISTEN 2586/clamd
tcp 0 0 *:imap *:* LISTEN 2703/dovecot
tcp 0 0 *:sunrpc *:* LISTEN 2227/portmap
tcp 0 0 87.237.215.244:domain *:* LISTEN 5920/named
tcp 0 0 dns1.sentig.se:domain *:* LISTEN 5920/named
tcp 0 0 localhost.localdomai:domain *:* LISTEN 5920/named
tcp 0 0 *:ftp *:* LISTEN 2898/pure-ftpd (SER
tcp 0 0 localhost.localdomain:ipp *:* LISTEN 2570/cupsd
tcp 0 0 localhost.localdomain:rndc *:* LISTEN 5920/named
tcp 0 0 *:smtp *:* LISTEN 2819/master
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:56108 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:56108 localhost.localdomain:mysql ESTABLISHED 19269/amavisd (ch3-
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41032 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41033 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41028 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41029 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41030 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:41030 localhost.localdomain:mysql ESTABLISHED 20941/trivial-rewri
tcp 0 0 localhost.localdomain:41031 localhost.localdomain:mysql ESTABLISHED 20923/smtpd
tcp 0 0 localhost.localdomain:41028 localhost.localdomain:mysql ESTABLISHED 20926/proxymap
tcp 0 0 localhost.localdomain:41029 localhost.localdomain:mysql ESTABLISHED 20926/proxymap
tcp 0 0 localhost.localdomain:41032 localhost.localdomain:mysql ESTABLISHED 20923/smtpd
tcp 0 0 localhost.localdomain:41033 localhost.localdomain:mysql ESTABLISHED 20923/smtpd
tcp 0 0 dns1.sentig.se:imap h33n2fls301o838.telia:19904 ESTABLISHED 18973/imap
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41031 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:41411 localhost.localdomain:mysql ESTABLISHED 19386/amavisd (ch2-
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41411 ESTABLISHED 2671/mysqld
tcp 0 0 dns1.sentig.se:imap host-95-192-150-163.m:52563 ESTABLISHED 17212/imap
tcp 0 0 dns1.sentig.se:imap 90-227-8-20:equationbuilder ESTABLISHED 5142/imap
tcp 0 0 dns1.sentig.se:imap host-95-192-150-163.m:53719 ESTABLISHED 17213/imap
tcp 0 0 *:imaps *:* LISTEN 2703/dovecot
tcp 0 0 *:pop3s *:* LISTEN 2703/dovecot
tcp 0 0 *:pop3 *:* LISTEN 2703/dovecot
tcp 0 0 *:imap *:* LISTEN 2703/dovecot
tcp 0 0 *:webcache *:* LISTEN 5020/httpd
tcp 0 0 *:http *:* LISTEN 5020/httpd
tcp 0 0 *:tproxy *:* LISTEN 5020/httpd
tcp 0 0 localhost6.localdoma:domain *:* LISTEN 5920/named
tcp 0 0 *:ftp *:* LISTEN 2898/pure-ftpd (SER
tcp 0 0 *:ssh *:* LISTEN 2557/sshd
tcp 0 0 localhost6.localdomain:rndc *:* LISTEN 5920/named
tcp 0 5740 dns1.sentig.se:ssh 90-227-9-150-no136.tbc:6826 ESTABLISHED 20843/0

Quote:

[root@dns1 ~]# netstat -uap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:cadlock *:* 2290/rpc.statd
udp 0 0 *:notify *:* 2290/rpc.statd
udp 0 0 dns1.sentig.se:40882 nsc1.so.cg.shawc:domain ESTABLISHED 5032/httpd
udp 0 0 87.237.215.244:domain *:* 5920/named
udp 0 0 dns1.sentig.se:domain *:* 5920/named
udp 0 0 localhost.locald:domain *:* 5920/named
udp 0 0 *:40643 *:* 3004/avahi-daemon:
udp 0 0 *:mdns *:* 3004/avahi-daemon:
udp 0 0 *:sunrpc *:* 2227/portmap
udp 0 0 *:ipp *:* 2570/cupsd
udp 0 0 *:sunrpc *:* 2227/portmap
udp 0 0 *:ipp *:* 2570/cupsd
udp 0 0 localhost6.local:domain *:* 5920/named
udp 0 0 *:mdns *:* 3004/avahi-daemon:
udp 0 0 *:55019 *:* 3004/avahi-daemon:

Quote:

[root@dns1 ~]# iptables -L
-bash: iptables: command not found

falko 5th April 2011 14:46

The netstat outputs look ok. Can you try
Code:

/sbin/iptables -L
?


All times are GMT +2. The time now is 14:42.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.