On Fri, 2004-02-27 at 01:17, Carlos Mora wrote:
> Actually that is exactly what I did last night. It took the problem away. I
> will be testing this a little more this evening. Some very interesting
> things though,
> 1. I took all rules out but the ACCEPT port 53 for both TCP and UDP, and
> also left the REJECT rules in for TCP and UDP at the end.
> 	When I tested. 'host' still failed
> 	'host -T' worked.
> 2. I took out just the port 53 TCP rule and tried the same test.
> 	'host' failed
> 	'host -T' WORKED!!!! (This should have failed)
> 3. I took out all rules except the REJECTs and got the same results!
> 4. turned off ipchains all together and BOTH worked!
> 5. I also tried a different default kernel. (binmem and std 2.4.20-8)
> Again, it was rather late when I made this discovery and I will do some more
> testing this evening.
> This is some very strange behavior. I am very surprised that it has not been
> uncovered before!

It is probably only "strange" in your environment.  :-)

> I will keep everyone posted. Thanks for all the suggestions.

Well, then I have another one for you.

Since turning off ipchains fixes the problem it sounds as if you have
some issue with ipchains.  Therefore, now seems a good time to dump
chains and move to tables.

Suggest you checkout and consider using it as
your iptables configuration utility.  Shorewall is simple to understand
and with a bit of reading you should be up and running on iptables in 30
minutes or less.

> Does anyone know how to force a kernel core dump? And how to analyze it?
> Thanks
> Carlos

