Mailing List Archive



Fixed! (Was: [tlug] Restarting a dead DNS loo...)



Yes, it's fixed. Problem solved.

It happened again this morning, and I realised that the Significant
Event had been that I'd restarted ipchains.  I have to do this every 
so often, because the two PCs in the house have their own live IP
addresses, and they are non-static. The ISP usually doesn't change them
but once in a blue moon they do. I'd been moving some files from the
Linux system to the Windblows one using WinSCP, and had needed to poke
a hole in the firewall. Of course, restarting ipchains blows away
the punched-through holes for the nameserver UDP accesses.

I pulled the function out of /etc/sysconfig/network-scripts/ifup-post
and made myself a little punching script:

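#!/bin/sh
# Re-insert the ipchains rules that let DNS replies from each nameserver
# in /etc/resolv.conf through, after ipchains has been restarted.

cd /etc/sysconfig/network-scripts

ns=`awk '/^nameserver / { print $2 }' /etc/resolv.conf`
if [ -n "$ns" ]; then
        for nameserver in $ns ; do
                # -w -F: literal whole-word match, so one address is not
                # mistaken for the prefix of another already in the chain
                if ! /sbin/ipchains -L input -n | grep -qwF "$nameserver" ; then
                        /sbin/ipchains -I input -s $nameserver/32 53 -d 0/0 1025:65535 -p udp -j ACCEPT
                        [ -x /usr/bin/logger ] && logger $"punching nameserver $nameserver through the firewall"
                fi
        done
fi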


Now it all works fine. No reboot needed.

Jim

-- 
Jim Breen                                http://www.csse.monash.edu.au/~jwb/
Computer Science & Software Engineering,                Tel: +61 3 9905 9554
Monash University, VIC 3800, Australia                  Fax: +61 3 9905 5146
(Monash Provider No. 00008C)                ジム・ブリーン@モナシュ大学
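
Added example, not part of the post above or of the Red Hat ifup-post script: a dry-run variant of the punching script that validates each resolv.conf entry as an IPv4 address and checks the saved chain listing by whole field, because an unanchored grep for 192.0.2.5 also matches an existing rule for 192.0.2.53. The function names, the sample addresses and the layout of the sample listing are constructed assumptions.

```shell
#!/bin/sh
# Dry run only: prints the ipchains commands, never executes them.

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
is_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# already_punched ADDR LISTING: whole-field match against a saved
# "ipchains -L input -n" listing, so 192.0.2.5 does not match 192.0.2.53.
already_punched() {
    awk -v a="$1" '{ for (i = 1; i <= NF; i++) if ($i == a || $i == a "/32") f = 1 }
                   END { exit !f }' "$2"
}

# punch_rules RESOLV_CONF LISTING: print the rules that are still missing.
punch_rules() {
    awk '$1 == "nameserver" { print $2 }' "$1" | while read -r ns; do
        if ! is_ipv4 "$ns"; then
            echo "skipped non-IPv4 nameserver entry" >&2
            continue
        fi
        already_punched "$ns" "$2" && continue
        echo "/sbin/ipchains -I input -s $ns/32 53 -d 0/0 1025:65535 -p udp -j ACCEPT"
    done
}

# Constructed sample input (documentation addresses, not from the post).
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/resolv.conf" <<'EOF'
search example.test
nameserver 192.0.2.5
nameserver 192.0.2.53
nameserver ns1.example.test
EOF
cat > "$sample_dir/listing" <<'EOF'
Chain input (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     udp  ------  192.0.2.53           0.0.0.0/0             53 ->   1025:65535
EOF
punch_rules "$sample_dir/resolv.conf" "$sample_dir/listing"
```

Only the rule for 192.0.2.5 is printed: 192.0.2.53 is already in the sample listing and the hostname entry is rejected before it can reach a firewall command.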
