how to monitor traffic at port 53 (DNS)

Posted by Registered User on Server Fault See other posts from Server Fault or by Registered User
Published on 2011-03-06T14:47:59Z Indexed on 2011/03/06 16:11 UTC
Read the original article Hit count: 162

Filed under:

iptables

|

ubuntu-10.04

|

tcpdump

I am a bit confused with the abundant tcpdump tutorials on internet. I am having a few of the virtual machines running on a virtualization server.Where I am debugging a problem.Port 53 is the one in problem. I have a bridged setup where out of 4 LAN cards on the machine in question one is active and it is xen-br0 I want to check if there is any request coming on port 53 on the server by other machines on LAN in question. I also want to see if the guest operating systems on LAN or any other machine is sending traffic at port 53.Due to abundant messages being generated via tcpdump I am finding it difficult to grep the output at desired port.

So how can I use it if some one can give an example that would be helpful. Thanks in advance.

© Server Fault or respective owner

Related posts about iptables

Sometimes this script fails to update the iptables

as seen on Server Fault - Search for 'Server Fault'
It does not happen often, but sometimes after running the below script, checking the iptables with service iptables status shows that they weren't updated and the script doesn't output any error. The iptables is structured as look-up tree (long repeated sections snipped): #!/bin/sh iptables -t… >>> More
My current iptable configuration doesn't work [on hold]

as seen on Server Fault - Search for 'Server Fault'
sudo chkconfig iptables off /etc/init.d/iptables on ### Clear/flush iptables sudo iptables -F sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT ### Allow SSH iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables… >>> More
L2TP iptables port forward

as seen on Server Fault - Search for 'Server Fault'
Hi all, I'm setting up port forwarding for an L2TP VPN connection to the local Windows 2003 VPN server. The router is a simpel Debian machine with iptables. The VPN server works perfect. But I cannot log in from the WAN. I'm missing something. The VPN server is using a pre-shared key (L2TP) and… >>> More
iptables -P FORWARD DROP makes port forwarding slow

as seen on Server Fault - Search for 'Server Fault'
I have three computers, linked like this: box1 (ubuntu) box2 router & gateway (debian) box3 (opensuse) [10.0.1.1] ---- [10.0.1.18,10.0.2.18,10.0.3.18] ---- [10.0.3.15] | box4, www [10.0.2.1] Among other… >>> More
IPtables AWS EC2 NAT/Reverse NAT - For Reverse Proxy style setup but with IPtables

as seen on Server Fault - Search for 'Server Fault'
I was thinking initially needing to do a reverse proxy or something so I could get some SSL/TLS traffic look like it is being terminated at a server and IP address in the AWS cloud, and then that traffic is forwarded onto our actual web servers that aren't in the cloud... I've not done much iptables… >>> More

Related posts about ubuntu-10.04

Cannot access Ubuntu 10/04 after reinstalling Windows

as seen on Super User - Search for 'Super User'
I had Windows Vista Home Premium on HP pavilion desktop. I partitioned the disk for Ubuntu and a swap disk partition and then I installed Ubuntu 10.04. When I would start my computer, I would be given a choice to start Windows or Ubuntu. Today I reinstalled Windows, and now the menu has disappeared… >>> More
Dual head setup for Ubuntu 10.04.1 and Windows XP Pro with same hardware configuration

as seen on Super User - Search for 'Super User'
Hello. I have a Dell OptiPlex 360 workstation at work, with 2 x ATI RV280 [Radeon 9200 PRO] graphics cards installed, which are attached to two identical 19" HII flat panel monitors. I'm using the open source Radeon driver with Ubuntu, and the proprietary drivers with Windows. The good news is that… >>> More
ifup eth0 failed in Ubuntu 11.10 and Ubuntu 10.04.3

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
ifup eth0 failed to bring up eth0 First, I have set static ip using the below commands: Commands: ifdown eth0 ifconfig eth0 X.X.X.X netmask 255.255.252.0 up route add default gw X.X.X.X I was successful in setting up static ip X.X.X.X and I could see the same in the output of command "ifconfig"… >>> More
very long boot up with Ubuntu 10.04.4

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I installed Ubuntu 10.04.3 on Atom. Then I do the update and upgrade with: #apt-get update #apt-get upgrade #apt-get dist-upgrade The system can boot up now but in almost 2 minutes. After power on and system test, it will stop at "Verifying DMI pool data" for 10 seconds before the GRUB menu comes… >>> More
configuring two network interfaces in ubuntu 10.04.1

as seen on Server Fault - Search for 'Server Fault'
I have got two NICs configured on a VM - each is tied to a specific network, one is a DMZ, the other is an internal network. I want MySQL to listen on the internal network only and Apache on the DMZ listening for HTTP and HTTPS. But as soon as I add the second interface I run into trouble. I can… >>> More