"John Sanborn" <jsanborn at earthlink.net> wrote:
> I added the allow-query statement to the options section at the top
> of named.conf and restarted DNS but no change. I also changed the
> /etc/resolv.conf file, however; how do you keep dhcp from changing
> it when it gets eth0 ip information from the dsl modem?

That depends upon which distro you're using. In Debian (and possibly Fedora), there is a configuration file called /etc/network/interfaces used by the "ifupdown" package. This can work in concert with the "resolvconf" to provide "dns-" options for the interface, though there may be better ways to do this.

You could make the /etc/resolv.conf file immutable and only rely upon the local bind server for name resolution. "chattr +i FILE" I believe.

> I'm pretty sure the firewall isn't blocking anything because I
> copied all the same iptables rules from the Fedora Core 3 Bible and
> that set of rules just sets up masquerade for the LAN, blocks
> everything from outside but web and ftp, etc (which I didn't allow
> from outside), but all the traffic inside the LAN is allowed. So
> anything at all should be able to pass between two LAN ips.
> (any more thoughts?)

Add a logging rule just before dropping packets for a given chain.

--
Chad Walstrom <chewie at wookimus.net> http://www.wookimus.net/
assert(expired(knowledge)); /* core dump */
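
One way to apply the "log just before dropping" advice, as an added example that is not part of the original message: the hypothetical helper `add_drop_logging` reads rules in `iptables -S` format and prints them with a rate-limited LOG rule ahead of each drop in the named chain, plus a final LOG rule when the chain's policy is DROP. The ruleset, interface names and log prefixes are constructed for illustration.

```sh
#!/bin/sh
# Added example; the function names and the sample ruleset are constructed.

# Constructed ruleset in `iptables -S` format (203.0.113.0/24 is a doc range).
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 203.0.113.0/24 -j DROP
-A INPUT -i eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
EOF
}

# Print stdin rules with a rate-limited LOG rule just before each drop in $1.
add_drop_logging() {
    awk -v chain="$1" '
    BEGIN { limit = "-m limit --limit 5/min" }
    # A DROP policy silently discards whatever no rule in the chain accepted.
    $1 == "-P" && $2 == chain && $3 == "DROP" { policy_drop = 1 }
    # Explicit drop: first emit a copy with the same matches that logs instead.
    $1 == "-A" && $2 == chain && / -j (DROP|REJECT)( |$)/ {
        rule = $0
        sub(/ -j (DROP|REJECT).*$/, "", rule)
        printf "%s %s -j LOG --log-prefix \"%s-drop: \"\n", rule, limit, chain
    }
    { print }
    END {
        # Appended last, so it only sees packets about to hit the policy.
        if (policy_drop)
            printf "-A %s %s -j LOG --log-prefix \"%s-policy-drop: \"\n", chain, limit, chain
    }'
}

sample_rules | add_drop_logging INPUT
```

The LOG target writes to the kernel log, so the prefix is what to search for in dmesg or syslog when checking whether LAN traffic is being dropped.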