#1  
Old 3rd April 2011, 13:33
stigge2000 stigge2000 is offline
Member
 
Join Date: Jul 2006
Posts: 32
Thanks: 10
Thanked 1 Time in 1 Post
Send a message via Skype™ to stigge2000
Default Something blocking port 53

HI!

I think there must be a proggy that blocks port 53, but i dont know what.

I have talked to the guys where i rent the server, and they assure me that there is NO firewall between me and the web, the only firewall i got is the one i installs myself.

I have uninstalled IPTABLES, disabled SELINUX and inactivated the ISPCONFIG firewall..
and after i rebooted i ran NMAP to check, here's the result:

Quote:
[root@dns1 ~]# nmap -sU -sT -p U:1-100,T:1-100 87.237.215.243

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-04-03 13:18 CEST
Interesting ports on ns2.mydomain.se (87.237.215.243):
Not shown: 196 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
80/tcp open http

Nmap finished: 1 IP address (1 host up) scanned in 0.020 seconds
and then i tried to DIG my public IP:

Quote:
[root@dns1 ~]# dig @87.237.215.243 stjarnas.se

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_5.3 <<>> @87.237.215.243 mydomain.se
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
and then i listed some stuff:

Quote:
[root@dns1 ~]# lsof -i -n -P
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
portmap 2222 rpc 3u IPv4 5544 UDP *:111
portmap 2222 rpc 4u IPv4 5545 TCP *:111 (LISTEN)
rpc.statd 2285 rpcuser 3u IPv4 5657 UDP *:768
rpc.statd 2285 rpcuser 6u IPv4 5647 UDP *:765
rpc.statd 2285 rpcuser 7u IPv4 5671 TCP *:771 (LISTEN)
sshd 2552 root 3u IPv6 7559 TCP *:22 (LISTEN)
cupsd 2565 root 4u IPv4 7602 TCP 127.0.0.1:631 (LISTEN)
cupsd 2565 root 6u IPv4 7605 UDP *:631
clamd 2581 clamav 5u IPv4 7651 TCP 127.0.0.1:3310 (LISTEN)
mysqld 2666 mysql 10u IPv4 7758 TCP *:3306 (LISTEN)
mysqld 2666 mysql 95u IPv4 14106 TCP 127.0.0.1:3306->127.0.0.1:39287 (ESTABLISHED)
mysqld 2666 mysql 96u IPv4 14107 TCP 127.0.0.1:3306->127.0.0.1:39288 (ESTABLISHED)
dovecot 2698 root 6u IPv4 7805 TCP *:143 (LISTEN)
dovecot 2698 root 7u IPv6 7806 TCP *:143 (LISTEN)
dovecot 2698 root 8u IPv4 7807 TCP *:993 (LISTEN)
dovecot 2698 root 9u IPv6 7808 TCP *:993 (LISTEN)
dovecot 2698 root 10u IPv4 7809 TCP *:110 (LISTEN)
dovecot 2698 root 11u IPv6 7810 TCP *:110 (LISTEN)
dovecot 2698 root 12u IPv4 7811 TCP *:995 (LISTEN)
dovecot 2698 root 13u IPv6 7812 TCP *:995 (LISTEN)
amavisd 2744 amavis 6u IPv4 8000 TCP 127.0.0.1:10024 (LISTEN)
master 2814 root 11u IPv4 8256 TCP *:25 (LISTEN)
master 2814 root 101u IPv4 8374 TCP 127.0.0.1:10025 (LISTEN)
amavisd 2875 amavis 6u IPv4 8000 TCP 127.0.0.1:10024 (LISTEN)
amavisd 2875 amavis 14u IPv4 14105 TCP 127.0.0.1:39287->127.0.0.1:3306 (ESTABLISHED)
amavisd 2876 amavis 6u IPv4 8000 TCP 127.0.0.1:10024 (LISTEN)
amavisd 2876 amavis 14u IPv4 14104 TCP 127.0.0.1:39288->127.0.0.1:3306 (ESTABLISHED)
httpd 2878 root 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 2878 root 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 2878 root 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 2882 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 2882 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 2882 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
pure-ftpd 2894 root 4u IPv4 8645 TCP *:21 (LISTEN)
pure-ftpd 2894 root 5u IPv6 8646 TCP *:21 (LISTEN)
avahi-dae 3000 avahi 13u IPv4 8905 UDP *:5353
avahi-dae 3000 avahi 14u IPv6 8906 UDP *:5353
avahi-dae 3000 avahi 15u IPv4 8907 UDP *:59623
avahi-dae 3000 avahi 16u IPv6 8908 UDP *:47608
httpd 3089 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3089 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3089 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3090 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3090 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3090 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3091 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3091 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3091 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3092 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3092 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3092 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3093 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3093 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3093 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3094 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3094 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3094 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3095 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3095 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3095 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
httpd 3096 apache 3u IPv6 8556 TCP *:80 (LISTEN)
httpd 3096 apache 5u IPv6 8565 TCP *:8081 (LISTEN)
httpd 3096 apache 7u IPv6 8572 TCP *:8080 (LISTEN)
sshd 3131 root 3u IPv6 9191 TCP 87.237.215.243:22->90.227.9.150:23918 (ESTABLISHED)
pop3-logi 7223 dovecot 4u IPv4 7809 TCP *:110 (LISTEN)
pop3-logi 7223 dovecot 5u IPv6 7810 TCP *:110 (LISTEN)
pop3-logi 7223 dovecot 6u IPv4 7811 TCP *:995 (LISTEN)
pop3-logi 7223 dovecot 7u IPv6 7812 TCP *:995 (LISTEN)
named 7788 named 20u IPv6 26828 TCP [::1]:53 (LISTEN)
named 7788 named 21u IPv4 26830 TCP 127.0.0.1:53 (LISTEN)
named 7788 named 22u IPv4 26831 TCP 127.0.0.1:953 (LISTEN)
named 7788 named 23u IPv6 26832 TCP [::1]:953 (LISTEN)
named 7788 named 512u IPv6 26827 UDP [::1]:53
named 7788 named 513u IPv4 26829 UDP 127.0.0.1:53
imap-logi 8444 dovecot 4u IPv4 7805 TCP *:143 (LISTEN)
imap-logi 8444 dovecot 5u IPv6 7806 TCP *:143 (LISTEN)
imap-logi 8444 dovecot 6u IPv4 7807 TCP *:993 (LISTEN)
imap-logi 8444 dovecot 7u IPv6 7808 TCP *:993 (LISTEN)
pop3-logi 8447 dovecot 4u IPv4 7809 TCP *:110 (LISTEN)
pop3-logi 8447 dovecot 5u IPv6 7810 TCP *:110 (LISTEN)
pop3-logi 8447 dovecot 6u IPv4 7811 TCP *:995 (LISTEN)
pop3-logi 8447 dovecot 7u IPv6 7812 TCP *:995 (LISTEN)
imap-logi 8518 dovecot 4u IPv4 7805 TCP *:143 (LISTEN)
imap-logi 8518 dovecot 5u IPv6 7806 TCP *:143 (LISTEN)
imap-logi 8518 dovecot 6u IPv4 7807 TCP *:993 (LISTEN)
imap-logi 8518 dovecot 7u IPv6 7808 TCP *:993 (LISTEN)
smtpd 8587 postfix 6u IPv4 8256 TCP *:25 (LISTEN)
smtpd 8633 postfix 6u IPv4 8256 TCP *:25 (LISTEN)
smtpd 8633 postfix 13u IPv4 29338 TCP 87.237.215.243:25->95.179.84.80:25706 (ESTABLISHED)
smtpd 8633 postfix 17u IPv4 29345 UDP 87.237.215.243:40839->64.59.135.133:53
smtpd 8633 postfix 18u IPv4 29346 UDP 87.237.215.243:50465->64.59.135.135:53
pop3-logi 8737 dovecot 4u IPv4 7809 TCP *:110 (LISTEN)
pop3-logi 8737 dovecot 5u IPv6 7810 TCP *:110 (LISTEN)
pop3-logi 8737 dovecot 6u IPv4 7811 TCP *:995 (LISTEN)
pop3-logi 8737 dovecot 7u IPv6 7812 TCP *:995 (LISTEN)
imap-logi 8738 dovecot 4u IPv4 7805 TCP *:143 (LISTEN)
imap-logi 8738 dovecot 5u IPv6 7806 TCP *:143 (LISTEN)
imap-logi 8738 dovecot 6u IPv4 7807 TCP *:993 (LISTEN)
imap-logi 8738 dovecot 7u IPv6 7808 TCP *:993 (LISTEN)
What can be blocking my 53 port??
Reply With Quote
Sponsored Links
  #2  
Old 3rd April 2011, 13:36
stigge2000 stigge2000 is offline
Member
 
Join Date: Jul 2006
Posts: 32
Thanks: 10
Thanked 1 Time in 1 Post
Send a message via Skype™ to stigge2000
Default

and this is what happends when i scan only port 53:

Quote:
nmap -sU -sT -p U:53,T:53 87.237.215.243

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-04-03 13:34 CEST
Interesting ports on ns2.mydomain.se (87.237.215.243):
PORT STATE SERVICE
53/tcp closed domain
53/udp closed domain

Nmap finished: 1 IP address (1 host up) scanned in 0.013 seconds
Reply With Quote
  #3  
Old 4th April 2011, 12:26
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,744 Times in 2,577 Posts
Default

What are the outputs of
Code:
netstat -tap
Code:
netstat -uap
Code:
iptables -L
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 4th April 2011, 18:11
stigge2000 stigge2000 is offline
Member
 
Join Date: Jul 2006
Posts: 32
Thanks: 10
Thanked 1 Time in 1 Post
Send a message via Skype™ to stigge2000
Default

Hi Falko!

The great news is that i found out that it was BIND that was incorrect,
in the /etc/named.conf i changed the

Quote:
listen-on port 53 { localhost; };
to

Quote:
listen-on port 53 { any; };
and after that all the pieces came together i think.... or atleast it works now.

The only diffrence I can see from my setup, and the setup you wrote in the perfectserver tutorial is that I have a public IP...


but heres the outputs, maybe you can see something strange that i should fix before the server crash :)

(and btw. thx for a great community, and awsome guides)

Quote:
[root@dns1 ~]# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:imaps *:* LISTEN 2703/dovecot
tcp 0 0 *:pop3s *:* LISTEN 2703/dovecot
tcp 0 0 localhost.localdomain:10024 *:* LISTEN 2749/amavisd (maste
tcp 0 0 *:wpages *:* LISTEN 2290/rpc.statd
tcp 0 0 localhost.localdomain:10025 *:* LISTEN 2819/master
tcp 0 0 *:mysql *:* LISTEN 2671/mysqld
tcp 0 0 *:pop3 *:* LISTEN 2703/dovecot
tcp 0 0 localhost.local:dyna-access *:* LISTEN 2586/clamd
tcp 0 0 *:imap *:* LISTEN 2703/dovecot
tcp 0 0 *:sunrpc *:* LISTEN 2227/portmap
tcp 0 0 87.237.215.244:domain *:* LISTEN 5920/named
tcp 0 0 dns1.sentig.se:domain *:* LISTEN 5920/named
tcp 0 0 localhost.localdomai:domain *:* LISTEN 5920/named
tcp 0 0 *:ftp *:* LISTEN 2898/pure-ftpd (SER
tcp 0 0 localhost.localdomain:ipp *:* LISTEN 2570/cupsd
tcp 0 0 localhost.localdomain:rndc *:* LISTEN 5920/named
tcp 0 0 *:smtp *:* LISTEN 2819/master
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:56108 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:56108 localhost.localdomain:mysql ESTABLISHED 19269/amavisd (ch3-
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41032 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41033 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41028 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41029 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41030 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:41030 localhost.localdomain:mysql ESTABLISHED 20941/trivial-rewri
tcp 0 0 localhost.localdomain:41031 localhost.localdomain:mysql ESTABLISHED 20923/smtpd
tcp 0 0 localhost.localdomain:41028 localhost.localdomain:mysql ESTABLISHED 20926/proxymap
tcp 0 0 localhost.localdomain:41029 localhost.localdomain:mysql ESTABLISHED 20926/proxymap
tcp 0 0 localhost.localdomain:41032 localhost.localdomain:mysql ESTABLISHED 20923/smtpd
tcp 0 0 localhost.localdomain:41033 localhost.localdomain:mysql ESTABLISHED 20923/smtpd
tcp 0 0 dns1.sentig.se:imap h33n2fls301o838.telia:19904 ESTABLISHED 18973/imap
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41031 ESTABLISHED 2671/mysqld
tcp 0 0 localhost.localdomain:41411 localhost.localdomain:mysql ESTABLISHED 19386/amavisd (ch2-
tcp 0 0 localhost.localdomain:mysql localhost.localdomain:41411 ESTABLISHED 2671/mysqld
tcp 0 0 dns1.sentig.se:imap host-95-192-150-163.m:52563 ESTABLISHED 17212/imap
tcp 0 0 dns1.sentig.se:imap 90-227-8-20:equationbuilder ESTABLISHED 5142/imap
tcp 0 0 dns1.sentig.se:imap host-95-192-150-163.m:53719 ESTABLISHED 17213/imap
tcp 0 0 *:imaps *:* LISTEN 2703/dovecot
tcp 0 0 *:pop3s *:* LISTEN 2703/dovecot
tcp 0 0 *:pop3 *:* LISTEN 2703/dovecot
tcp 0 0 *:imap *:* LISTEN 2703/dovecot
tcp 0 0 *:webcache *:* LISTEN 5020/httpd
tcp 0 0 *:http *:* LISTEN 5020/httpd
tcp 0 0 *:tproxy *:* LISTEN 5020/httpd
tcp 0 0 localhost6.localdoma:domain *:* LISTEN 5920/named
tcp 0 0 *:ftp *:* LISTEN 2898/pure-ftpd (SER
tcp 0 0 *:ssh *:* LISTEN 2557/sshd
tcp 0 0 localhost6.localdomain:rndc *:* LISTEN 5920/named
tcp 0 5740 dns1.sentig.se:ssh 90-227-9-150-no136.tbc:6826 ESTABLISHED 20843/0

Quote:
[root@dns1 ~]# netstat -uap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
udp 0 0 *:cadlock *:* 2290/rpc.statd
udp 0 0 *:notify *:* 2290/rpc.statd
udp 0 0 dns1.sentig.se:40882 nsc1.so.cg.shawc:domain ESTABLISHED 5032/httpd
udp 0 0 87.237.215.244:domain *:* 5920/named
udp 0 0 dns1.sentig.se:domain *:* 5920/named
udp 0 0 localhost.locald:domain *:* 5920/named
udp 0 0 *:40643 *:* 3004/avahi-daemon:
udp 0 0 *:mdns *:* 3004/avahi-daemon:
udp 0 0 *:sunrpc *:* 2227/portmap
udp 0 0 *:ipp *:* 2570/cupsd
udp 0 0 *:sunrpc *:* 2227/portmap
udp 0 0 *:ipp *:* 2570/cupsd
udp 0 0 localhost6.local:domain *:* 5920/named
udp 0 0 *:mdns *:* 3004/avahi-daemon:
udp 0 0 *:55019 *:* 3004/avahi-daemon:

Quote:
[root@dns1 ~]# iptables -L
-bash: iptables: command not found
Reply With Quote
  #5  
Old 5th April 2011, 14:46
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,744 Times in 2,577 Posts
 
Default

The netstat outputs look ok. Can you try
Code:
/sbin/iptables -L
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
squid port 443 problem. abid HOWTO-Related Questions 1 26th March 2009 17:08
Mail Question: installed smf forum on centos perfect server setup with ispconfig happz Installation/Configuration 7 22nd August 2008 13:15
Getting e-mail working hansoffate Installation/Configuration 29 13th August 2008 16:33
How to install BFD (Brute Force Detection) domino Tips/Tricks/Mods 9 31st March 2006 22:40
ISPs blocking smtp-auth on port 25 oneinchpunch HOWTO-Related Questions 1 8th December 2005 02:36


All times are GMT +2. The time now is 12:43.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.