[NBLUG/talk] Firewall killing gethostbyname()?

ME dugan at passwall.com
Sat Sep 13 14:49:00 PDT 2003


Daniel Smith said:
> I'm in the midst of investigating why a gethostbyname()
> call is failing in perl.  I notice the same failure
> when I run hostname:
>
> bucky:home/dls # hostname -v -i
> gethostname()=`bucky'
> Resolving `bucky' ...
> hostname: Unknown host

Check your file "/etc/resolv.conf"
Does it include "search some-domain.name"?
like:
search pacbell.net
?
This can be appended to host name searches when a single name fails. (Many
times, host name lookups require a "FQDN" (Fully Qualified Domain Name) to
work.)


> I strongly suspect it is something that happened when
> I set up my firewall with Bastille (though this was
> a while back, and I am reluctant to fiddle with the
> firewall) - my test script works fine on my home debian
> box, and Mac OS X.

What I would do is try other DNS lookup tools like "dig" or "nslookup".

With dig, I think you can even specify tcp dns as well as the usual udp.
(TCP based dns won't work many places BTW.)

> * does this sound familiar?

Not really. Sorry. :-/

> * what is a good plan B to get the IP addr in Perl for the
>    local machine?

Hmmm. Not portable, but should work in Linux:
call system app ifconfig and pull out the IP address of the first eth
interface?

Getting the perl script to work would be best (gethostbyname()).

> Even if I change my firewall, the script will be part of a
> package that I Open Source, so I can't just assume that
> others won't run into the problem (hence the need for a
> Plan B).

If you can resolve DNS lookups from other apps, then I would not expect
this to be a firewall issue. Can you try gethostbyname() with an arg like
"www.passwall.com" or something else with more than just a host name
without the domain name included?

Speaking of firewalls and filters, Frank Ball and Devin C. offered a
presentation on firewalls where I think they included a script to grab the
local machine's ip by using ifconfig.

Something like:
ifconfig eth0|perl -ne '/inet addr:(\S+)/ and print $1'
(which would be a sample call from bash using perl, but the basics are
there for how to parse the data.)

Making gethostbyname() work is a better idea here though. :-/

What does tcpdump say is happening on the net when you do that? (Verify
the response/error is from the local machine failing to reach a server vs
an error of reaching the server with the server replying "no such
server/unable to resolve.")

HTH,
-ME
> trivial test script:
> #!/usr/bin/perl -w
> use Socket;
> use Sys::Hostname;
> my $host = hostname();
> my $addr = inet_ntoa(scalar gethostbyname($host || 'localhost'));
> print <<EOM;
> host is $host
> addr is $addr
> EOM
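
An added example, not part of the original message or either poster's code: the two approaches discussed above combined in Perl, with a gethostbyname() lookup that checks for failure before calling inet_ntoa(), and the ifconfig parse as the fallback. The function names, the choice to treat a loopback answer as a failed lookup, and the sample ifconfig text are assumptions made for illustration.

```perl
use strict;
use warnings;
use Socket qw(inet_ntoa);
use Sys::Hostname qw(hostname);

# Resolve a name without dying: gethostbyname() returns undef on failure,
# and handing undef to inet_ntoa() is a fatal error.
sub ip_from_resolver {
    my ($name) = @_;
    my $packed = gethostbyname($name);
    return unless defined $packed && length($packed) == 4;
    return inet_ntoa($packed);
}

# Pull non-loopback IPv4 addresses out of ifconfig text. Accepts both the
# older "inet addr:1.2.3.4" layout and the newer "inet 1.2.3.4" layout.
sub ips_from_ifconfig {
    my ($text) = @_;
    my @ips;
    while ($text =~ /\binet (?:addr:)?(\d{1,3}(?:\.\d{1,3}){3})\b/g) {
        my $ip = $1;
        push @ips, $ip unless $ip =~ /^127\./;
    }
    return @ips;
}

# Plan A: the resolver. Plan B: the first non-loopback address that
# ifconfig reports (assumption: a 127.x answer counts as a failed lookup).
sub local_ip {
    my $ip = ip_from_resolver(hostname());
    return $ip if defined $ip && $ip !~ /^127\./;
    my $out = `ifconfig 2>/dev/null`;
    my ($first) = ips_from_ifconfig(defined $out ? $out : '');
    return $first;    # undef if neither method produced an address
}

# Constructed sample input (not captured from a real host).
my $sample = <<'EOT';
eth0      Link encap:Ethernet  HWaddr 00:00:5E:00:53:01
          inet addr:192.0.2.10  Bcast:192.0.2.255  Mask:255.255.255.0
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
EOT

print "parsed from sample: ", join(', ', ips_from_ifconfig($sample)), "\n";
my $ip = local_ip();
print "local address: ", (defined $ip ? $ip : 'not found'), "\n";
```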


