On Fri, 2004-06-04 at 16:04, Ron Snyder wrote: > Who controls the nameserver is listed in your /etc/resolv.conf? Do you > control it, or does it belong to your ISP? It's certainly possible that the > nameserver isn't configured to allow tcp queries (or responses). Sorry, how do I check that? My name servers as listed are 212.67.96.129 & 130.
> Can you telnet to port 53 of each of your nameservers (listed in > /etc/resolv.conf)? No. It tries and then hangs. >If you can't connect to port 53 like this, verify that your firewall >rules turned off by doing "iptables -L" I actually turned off my firewall through YAST, the interface provided by SuSE, but have now turned the rules off again as suggested by Todd Lyons through iptables -F iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT (how do I reverse this I wonder?) I then get: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere 255.255.255.255 udp spt:bootps dpt:bootpc ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT udp -- anywhere anywhere state ESTABLISHED udp dpts:61000:65095 input_ext all -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED reject_func all -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED Chain input_ext (1 references) target prot opt source destination reject_func tcp -- anywhere anywhere tcp dpt:ident flags:SYN,RST,ACK/SYN LOG tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix `SFW2-INext-DROP-NEW-CONNECT ' reject_func all -- anywhere anywhere Chain reject_func (3 references) target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-proto-unreachable I did some further research in the archives again last night and see that the problem did indeed come up before and that the solution for one person was to enable logging in clamav.conf but this didn't work for me. I have also been trying to think hard about what I might have done to have caused the problem. I am not a tinkerer and the only thing I can think of is that I installed Ximian Evolution as a mail program instead of Kmail which does not allow connection of two ISPs. I don't see how that could have any effect and I don't want to remove it at this stage as I would be in danger of losing all my mail. Many thanks again for your patience. Please say so if you think we have gone far enough. Gervase ------------------------------------------------------- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
