host & dig
walterk1 at earthlink.net
Sun Apr 11 12:10:58 UTC 2010
Adam Vande More wrote:
I used telnet to connect to 68.204.xxx.xxx
it tells me I've connected to xxx.xxx.204.68.cfl.res.rr.com.
(backwards, right?), then I log in.
No, you have to a connection before you login. You want to *strongly*
consider using ssh instead of telnet. You may also be referring the
format of the DNS query result which known as
I DID have a connection. ??? Maybe I gave too much detail,
but the point is that the IP yielded by host/dig did not match
what "whatismyip.com" gave here. I'd like to know why.
After user/pass entry, it says connected from "user-yyyyyyy.cab"
(replaced seemingly random name with "yyyyyyy" in case
it's not transient)
My external IP here is 24.110.nnn.nnn
When I use either "host" or "dig" to give me the IP address
from "user-yyyyyyy.cab", they tell me: 208.68.zzz.zzz
(Ping gives the same.)
So, I'm still at a loss, I think, to know the originating IP.
Should a firewall rule blocking 208.68.zzz.zzz actually
operate against 24.110.nnn.nnn?
I don't understand the question, what is the rule?
I'd STILL like to know the true source IP to be able to connect
back to it.
Thanks. Did that:
"netstat -n" gives the correct IP.
"sockstat" does also.
I couldn't find anything in the host or dig man pages that
indicated to me that they could be made to yield the proper
24.110.*.* IP address.
About the "rule"::: I was just mentioning one of the reasons
I want the IP address is so I can monitor multiple bad login
attempts to block the troublesome IP with a firewall rule. I
ALSO would like the correct IP for another purpose (project),
that involves connecting back to the source IP.
I will give a try to find out which IP address the ipfw firewall
operates on - the 208.68.*.* one or the 24.110.*.* one. It's not
obvious which at this point to me.
More information about the freebsd-questions