> -----Original Message-----
> From: centos-bounces at centos.org
> [mailto:centos-bounces at centos.org] On Behalf Of Chan Chung Hang Christopher
> Sent: Tuesday, July 06, 2010 9:28 AM
> To: centos at centos.org
> Subject: Re: [CentOS] DNS or firewall problem
>
> >> Are you running a proxy for http? It would be rather surprising that
> >> internal machines can access the Internet without forwarding turned
> >> on otherwise. When you say internal machines cannot access your
> >> server, are they connecting to it via the local interface's ip or the
> >> Internet ip?
> >> Are the services bound to the local interface?
> >
> > I did notice today there is a squid.conf file in my /etc/httpd/conf.d
> > directory. It appears it is configured for the local domain only. I
> > renamed it and restarted apache but that didn't work.
> >
> > The server has two nics, one for internet and one for the local
> > network, connected to a switch. eth0 is connected to the uplink port.
>
> Please pastebin the output of the following:
> Run as root:
> 'cat /etc/sysconfig/iptables'

# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 138 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

> 'netstat -ntlp'

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address        Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:20000        0.0.0.0:*        LISTEN  3580/perl
tcp        0      0 127.0.0.1:2208       0.0.0.0:*        LISTEN  2960/hpiod
tcp        0      0 0.0.0.0:3306         0.0.0.0:*        LISTEN  3138/mysqld
tcp        0      0 127.0.0.1:3310       0.0.0.0:*        LISTEN  3049/clamd
tcp        0      0 0.0.0.0:111          0.0.0.0:*        LISTEN  2667/portmap
tcp        0      0 0.0.0.0:6000         0.0.0.0:*        LISTEN  3958/X
tcp        0      0 0.0.0.0:10000        0.0.0.0:*        LISTEN  3588/perl
tcp        0      0 192.168.1.101:53     0.0.0.0:*        LISTEN  2639/named
tcp        0      0 127.0.0.1:53         0.0.0.0:*        LISTEN  2639/named
tcp        0      0 127.0.0.1:631        0.0.0.0:*        LISTEN  2980/cupsd
tcp        0      0 0.0.0.0:25           0.0.0.0:*        LISTEN  3218/sendmail: acce
tcp        0      0 127.0.0.1:953        0.0.0.0:*        LISTEN  2639/named
tcp        0      0 0.0.0.0:766          0.0.0.0:*        LISTEN  2704/rpc.statd
tcp        0      0 0.0.0.0:3551         0.0.0.0:*        LISTEN  3032/apcupsd
tcp        0      0 127.0.0.1:2207       0.0.0.0:*        LISTEN  2965/python
tcp        0      0 :::80                :::*             LISTEN  5464/httpd
tcp        0      0 :::6000              :::*             LISTEN  3958/X
tcp        0      0 ::1:953              :::*             LISTEN  2639/named
tcp        0      0 :::443               :::*             LISTEN  5464/httpd

Not sure what all this means. Hope someone can.

Thanks!!

Eddie

> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
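
Added example, not part of the original message: a first-pass way to read the two listings together, matching each TCP listener from `netstat -ntlp` against the ACCEPT rules in `/etc/sysconfig/iptables`. It uses excerpts of the posted output, ignores rule order, interfaces and the ESTABLISHED,RELATED rule, and applies the IPv4 rules to the `:::` listeners as a simplification; the function names are this example's own.

```python
import re

# Excerpts copied from the listings in the post above (not the full output).
RULES = """\
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
"""
NETSTAT = """\
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 3138/mysqld
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 3588/perl
tcp 0 0 192.168.1.101:53 0.0.0.0:* LISTEN 2639/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2639/named
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2980/cupsd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 3218/sendmail: acce
tcp 0 0 :::80 :::* LISTEN 5464/httpd
"""

def accepted_tcp_ports(rules):
    """TCP destination ports opened by an ACCEPT rule."""
    pat = re.compile(r"-p tcp\b.*--dport (\d+)\b.*-j ACCEPT")
    return {int(m.group(1)) for m in map(pat.search, rules.splitlines()) if m}

def listeners(netstat):
    """Yield (address, port, program) for each TCP LISTEN line."""
    for line in netstat.splitlines():
        f = line.split(None, 6)
        if len(f) == 7 and f[5] == "LISTEN":
            addr, _, port = f[3].rpartition(":")
            yield addr, int(port), f[6].partition("/")[2] or f[6]

def classify(rules, netstat):
    """Map 'addr:port program' to loopback-only, allowed or rejected."""
    allowed = accepted_tcp_ports(rules)
    result = {}
    for addr, port, prog in listeners(netstat):
        if addr in ("127.0.0.1", "::1"):
            verdict = "loopback-only"  # bound to lo, not reachable from the network
        else:
            verdict = "allowed" if port in allowed else "rejected"
        result[f"{addr}:{port} {prog}"] = verdict
    return result

if __name__ == "__main__":
    for sock, verdict in classify(RULES, NETSTAT).items():
        print(f"{verdict:13} {sock}")
```

On these excerpts the `named` listener on 192.168.1.101:53 comes out as rejected, since no posted rule accepts port 53, while sendmail on 25 and httpd on 80 are allowed.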