DNS lookup doesn't work after update
Posted: Wed Nov 23, 2016 6:24 am
Hi everybody! It is seems that after update of Vesta CP, DNS lookup doesn't work anymore. Probably Iptables blocks all DNS outer requests from system (CentOS 6). As result Wordpress can't update plugins, some tools doesn't work:
If I ping an IP - all is Ok:
This is certainly connected with rules in Iptables. If I switch Iptables off, everything works as supposed. Below is rules, which was qualified as "stateless" by some engineers at other forums:
As I newbie in Linux systems, could you please give me an advice - what command needed to unblock DNS requests. Many thanks in advance.
Additionally my /etc/resolv.conf has below content (I already tried different configs here and restarted server):
Code: Select all
/etc/sysconfig$ ping -c 1 api.wordpress.org
ping: unknown host api.wordpress.orgCode: Select all
/etc/sysconfig$ ping -c 1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=60 time=0.272 ms
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.272/0.272/0.272/0.000 msCode: Select all
/etc/sysconfig$ iptables -L -n -v
Chain INPUT (policy DROP 9 packets, 1033 bytes)
pkts bytes target prot opt in out source destination
305 2334K ACCEPT all -- * * 212.******* 0.0.0.0/0
0 0 ACCEPT all -- * * 127.0.0.1 0.0.0.0/0
51 8156 ACCEPT tcp -- * * 87.****** 0.0.0.0/0 multiport dports 22,3978
188 13015 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587,2525
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 110,995
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 3306,5432
10 453 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:8083
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 728 packets, 2833K bytes)
pkts bytes target prot opt in out source destination
Chain vesta (0 references)
pkts bytes target prot opt in out source destination Additionally my /etc/resolv.conf has below content (I already tried different configs here and restarted server):
Code: Select all
# Generated by NetworkManager
search uaservers.net
options timeout:3 attempts:3
nameserver 8.8.8.8
DNS1=8.8.8.8
DNS2=8.8.4.4