nameserver can not be found? [SOLVED]

Discussion in 'General' started by murdocklawless, Feb 15, 2022.

Tags:
  1. name server ns1.domain.com is down. pinging is saying ping request could not find host. it's happening by itself. I didn't change any config or something. today I only added 40110:40210 ports from firewall section for passive ftp ports.

    [​IMG]

    bind9 is running and seems like healty.

    I could't solve this?

    here is bind9 logs after restart;

    Code:
    Feb 16 02:06:48 xxxxxx systemd[1]: Started BIND Domain Name Server.
    Feb 16 02:06:48 xxxxxx named[13067]: starting BIND 9.16.1-Ubuntu (Stable Release) <id:d497c32>
    Feb 16 02:06:48 xxxxxx named[13067]: running on Linux x86_64 5.4.0-99-generic #112-Ubuntu SMP Thu Feb 3 13:50:55 UTC 2022
    Feb 16 02:06:48 xxxxxx named[13067]: built with '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' '--libdir=/usr/lib/x86_64-linux-gnu' '--sysconfdir=/etc/bind' '--with-python=python3' '--localstatedir=/' '--enable-threads' '--enable-largefile' '--with-libtool' '--enable-shared' '--enable-static' '--with-gost=no' '--with-openssl=/usr' '--with-gssapi=/usr' '--with-libidn2' '--with-json-c' '--with-lmdb=/usr' '--with-gnu-ld' '--with-maxminddb' '--with-atf=no' '--enable-ipv6' '--enable-rrl' '--enable-filter-aaaa' '--disable-native-pkcs11' '--disable-isc-spnego' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/bind9-e4rzcc/bind9-9.16.1=. -fstack-protector-strong -Wformat -Werror=format-security -fno-strict-aliasing -fno-delete-null-pointer-checks -DNO_VERSION_DATE -DDIG_SIGCHASE' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2'
    Feb 16 02:06:48 xxxxxx named[13067]: running as: named -f -u bind
    Feb 16 02:06:48 xxxxxx named[13067]: compiled by GCC 9.3.0
    Feb 16 02:06:48 xxxxxx named[13067]: compiled with OpenSSL version: OpenSSL 1.1.1f  31 Mar 2020
    Feb 16 02:06:48 xxxxxx named[13067]: linked to OpenSSL version: OpenSSL 1.1.1f  31 Mar 2020
    Feb 16 02:06:48 xxxxxx named[13067]: compiled with libxml2 version: 2.9.10
    Feb 16 02:06:48 xxxxxx named[13067]: linked to libxml2 version: 20910
    Feb 16 02:06:48 xxxxxx named[13067]: compiled with json-c version: 0.13.1
    Feb 16 02:06:48 xxxxxx named[13067]: linked to json-c version: 0.13.1
    Feb 16 02:06:48 xxxxxx named[13067]: compiled with zlib version: 1.2.11
    Feb 16 02:06:48 xxxxxx named[13067]: linked to zlib version: 1.2.11
    Feb 16 02:06:48 xxxxxx named[13067]: ----------------------------------------------------
    Feb 16 02:06:48 xxxxxx named[13067]: BIND 9 is maintained by Internet Systems Consortium,
    Feb 16 02:06:48 xxxxxx named[13067]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
    Feb 16 02:06:48 xxxxxx named[13067]: corporation.  Support and training for BIND 9 are
    Feb 16 02:06:48 xxxxxx named[13067]: available at https://www.isc.org/support
    Feb 16 02:06:48 xxxxxx named[13067]: ----------------------------------------------------
    Feb 16 02:06:48 xxxxxx named[13067]: adjusted limit on open files from 524288 to 1048576
    Feb 16 02:06:48 xxxxxx named[13067]: found 1 CPU, using 1 worker thread
    Feb 16 02:06:48 xxxxxx named[13067]: using 1 UDP listener per interface
    Feb 16 02:06:48 xxxxxx named[13067]: using up to 21000 sockets
    Feb 16 02:06:48 xxxxxx named[13067]: loading configuration from '/etc/bind/named.conf'
    Feb 16 02:06:48 xxxxxx named[13067]: /etc/bind/named.conf.options:21: option 'dnssec-enable' is obsolete and should be removed
    Feb 16 02:06:48 xxxxxx named[13067]: reading built-in trust anchors from file '/etc/bind/bind.keys'
    Feb 16 02:06:48 xxxxxx named[13067]: looking for GeoIP2 databases in '/usr/share/GeoIP'
    Feb 16 02:06:48 xxxxxx named[13067]: using default UDP/IPv4 port range: [32768, 60999]
    Feb 16 02:06:48 xxxxxx named[13067]: using default UDP/IPv6 port range: [32768, 60999]
    Feb 16 02:06:48 xxxxxx named[13067]: listening on IPv4 interface lo, 127.0.0.1#53
    Feb 16 02:06:48 xxxxxx named[13067]: listening on IPv4 interface ens160, 80.211.143.65#53
    Feb 16 02:06:48 xxxxxx named[13067]: listening on IPv4 interface tun0, 10.8.0.1#53
    Feb 16 02:06:48 xxxxxx named[13067]: IPv6 socket API is incomplete; explicitly binding to each IPv6 address separately
    Feb 16 02:06:48 xxxxxx named[13067]: listening on IPv6 interface lo, ::1#53
    Feb 16 02:06:48 xxxxxx named[13067]: listening on IPv6 interface ens160, fe80::250:56ff:fea9:4d39%2#53
    Feb 16 02:06:48 xxxxxx named[13067]: listening on IPv6 interface tun0, fe80::a5af:1003:1b9f:2c36%5#53
    Feb 16 02:06:48 xxxxxx named[13067]: unable to set effective uid to 0: Operation not permitted
    Feb 16 02:06:48 xxxxxx named[13067]: generating session key for dynamic DNS
    Feb 16 02:06:48 xxxxxx named[13067]: unable to set effective uid to 0: Operation not permitted
    Feb 16 02:06:48 xxxxxx named[13067]: sizing zone task pool based on 8 zones
    Feb 16 02:06:48 xxxxxx named[13067]: none:100: 'max-cache-size 90%' - setting to 879MB (out of 976MB)
    Feb 16 02:06:48 xxxxxx named[13067]: set up managed keys zone for view _default, file 'managed-keys.bind'
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 10.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 16.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 17.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 18.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 19.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 20.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 21.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 22.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 23.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 24.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 25.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 26.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 27.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 28.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 29.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 30.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 31.172.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 168.192.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 64.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 65.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 66.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 67.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 68.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 69.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 70.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 71.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 72.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 73.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 74.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 75.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 76.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 77.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 78.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 79.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 80.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 81.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 82.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 83.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 84.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 85.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 86.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 87.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 88.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 89.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 90.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 91.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 92.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 93.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 94.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 95.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 96.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 97.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 98.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 99.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 100.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 101.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 102.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 103.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 104.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 105.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 106.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 107.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 108.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 109.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 110.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 111.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 112.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 113.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 114.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 115.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 116.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 117.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 118.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 119.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 120.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 121.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 122.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 123.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 124.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 125.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 126.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 127.100.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 254.169.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: D.F.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 8.E.F.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 9.E.F.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: A.E.F.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: B.E.F.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: EMPTY.AS112.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: automatic empty zone: HOME.ARPA
    Feb 16 02:06:48 xxxxxx named[13067]: none:100: 'max-cache-size 90%' - setting to 879MB (out of 976MB)
    Feb 16 02:06:48 xxxxxx named[13067]: configuring command channel from '/etc/bind/rndc.key'
    Feb 16 02:06:48 xxxxxx named[13067]: command channel listening on 127.0.0.1#953
    Feb 16 02:06:48 xxxxxx named[13067]: configuring command channel from '/etc/bind/rndc.key'
    Feb 16 02:06:48 xxxxxx named[13067]: command channel listening on ::1#953
    Feb 16 02:06:48 xxxxxx named[13067]: managed-keys-zone: loaded serial 3
    Feb 16 02:06:48 xxxxxx named[13067]: zone 0.in-addr.arpa/IN: loaded serial 1
    Feb 16 02:06:48 xxxxxx named[13067]: zone 127.in-addr.arpa/IN: loaded serial 1
    Feb 16 02:06:48 xxxxxx named[13067]: zone 255.in-addr.arpa/IN: loaded serial 1
    Feb 16 02:06:48 xxxxxx named[13067]: zone domain1.com/IN: loaded serial 2022021603 (DNSSEC signed)
    Feb 16 02:06:48 xxxxxx named[13067]: zone domain2.com/IN: loaded serial 2022021603 (DNSSEC signed)
    Feb 16 02:06:48 xxxxxx named[13067]: zone domain3.com/IN: loaded serial 2022021609 (DNSSEC signed)
    Feb 16 02:06:48 xxxxxx named[13067]: zone localhost/IN: loaded serial 2
    Feb 16 02:06:48 xxxxxx named[13067]: all zones loaded
    Feb 16 02:06:48 xxxxxx named[13067]: running
    Feb 16 02:06:48 xxxxxx named[13067]: zone domain1.com/IN: sending notifies (serial 2022021603)
    Feb 16 02:06:48 xxxxxx named[13067]: zone domain2.com/IN: sending notifies (serial 2022021603)
    Feb 16 02:06:48 xxxxxx named[13067]: zone domain3.com/IN: sending notifies (serial 2022021609)
     
    Last edited: Feb 16, 2022
  2. bind9 log after ns1.domain.com record update;

    Code:
    Feb 16 02:38:01 xxxxxx systemd[1]: Reloading BIND Domain Name Server.
    Feb 16 02:38:01 xxxxxx named[14274]: received control channel command 'reload'
    Feb 16 02:38:01 xxxxxx named[14274]: loading configuration from '/etc/bind/named.conf'
    Feb 16 02:38:01 xxxxxx named[14274]: /etc/bind/named.conf.options:21: option 'dnssec-enable' is obsolete and should be removed
    Feb 16 02:38:01 xxxxxx named[14274]: reading built-in trust anchors from file '/etc/bind/bind.keys'
    Feb 16 02:38:01 xxxxxx named[14274]: looking for GeoIP2 databases in '/usr/share/GeoIP'
    Feb 16 02:38:01 xxxxxx named[14274]: using default UDP/IPv4 port range: [32768, 60999]
    Feb 16 02:38:01 xxxxxx named[14274]: using default UDP/IPv6 port range: [32768, 60999]
    Feb 16 02:38:01 xxxxxx named[14274]: sizing zone task pool based on 8 zones
    Feb 16 02:38:01 xxxxxx named[14274]: none:100: 'max-cache-size 90%' - setting to 879MB (out of 976MB)
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 10.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 16.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 17.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 18.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 19.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 20.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 21.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 22.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 23.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 24.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 25.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 26.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 27.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 28.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 29.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 30.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 31.172.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 168.192.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 64.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 65.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 66.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 67.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 68.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 69.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 70.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 71.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 72.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 73.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 74.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 75.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 76.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 77.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 78.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 79.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 80.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 81.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 82.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 83.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 84.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 85.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 86.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 87.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 88.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 89.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 90.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 91.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 92.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 93.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 94.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 95.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 96.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 97.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 98.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 99.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 100.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 101.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 102.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 103.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 104.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 105.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 106.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 107.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 108.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 109.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 110.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 111.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 112.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 113.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 114.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 115.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 116.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 117.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 118.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 119.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 120.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 121.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 122.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx rndc[55675]: server reload successful
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 123.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 124.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 125.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx systemd[1]: Reloaded BIND Domain Name Server.
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 126.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 127.100.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 254.169.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: D.F.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 8.E.F.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 9.E.F.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: A.E.F.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: B.E.F.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: EMPTY.AS112.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: automatic empty zone: HOME.ARPA
    Feb 16 02:38:01 xxxxxx named[14274]: none:100: 'max-cache-size 90%' - setting to 879MB (out of 976MB)
    Feb 16 02:38:01 xxxxxx named[14274]: configuring command channel from '/etc/bind/rndc.key'
    Feb 16 02:38:01 xxxxxx named[14274]: configuring command channel from '/etc/bind/rndc.key'
    Feb 16 02:38:01 xxxxxx named[14274]: reloading configuration succeeded
    Feb 16 02:38:01 xxxxxx named[14274]: reloading zones succeeded
    Feb 16 02:38:01 xxxxxx named[14274]: zone domain1.com/IN: loaded serial 2022021610 (DNSSEC signed)
    Feb 16 02:38:01 xxxxxx named[14274]: zone domain1.com/IN: sending notifies (serial 2022021610)
    Feb 16 02:38:01 xxxxxx named[14274]: all zones loaded
    Feb 16 02:38:01 xxxxxx named[14274]: running
    
     
  3. ahrasis

    ahrasis Well-Known Member

    In order to help you better, do provide us with the require information as stated in Please read before posting! Most of the time you'd be surprised that it even can help you before any of us can.
     
  4. you are right, I post it in a hurry.

    system;

    Code:
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description:    Ubuntu 20.04.3 LTS
    Release:        20.04
    Codename:       focal
    dig domain;

    Code:
    ; <<>> DiG 9.16.1-Ubuntu <<>> @localhost cembol.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7505
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ; COOKIE: bc91b91f016d8b8301000000620ca3a05a43f5347ba5fd10 (good)
    ;; QUESTION SECTION:
    ;cembol.com.                    IN      A
    
    ;; ANSWER SECTION:
    cembol.com.             3600    IN      A       80.211.143.65
    
    ;; Query time: 4 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Wed Feb 16 10:11:28 +03 2022
    ;; MSG SIZE  rcvd: 83
    htf_report.txt;

    Code:
    ##### SERVER #####
    IP-address (as per hostname): [localhost]
    [WARN] could not determine server's ip address by ifconfig
    [INFO] OS version is Ubuntu 20.04.3 LTS
     
    [INFO] uptime:  10:04:21 up 10:01,  1 user,  load average: 0.03, 0.03, 0.00
     
    [INFO] memory:
                  total        used        free      shared  buff/cache   available
    Mem:          976Mi       418Mi       100Mi        34Mi       458Mi       362Mi
    Swap:         4.2Gi       1.6Gi       2.6Gi
     
    [INFO] systemd failed services status:
      UNIT                      LOAD   ACTIVE SUB    DESCRIPTION                         
    ● certbot.service           loaded failed failed Certbot                             
    ● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate
    
    LOAD   = Reflects whether the unit definition was properly loaded.
    ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
    SUB    = The low-level unit activation state, values depend on unit type.
    
    2 loaded units listed.
    
    [INFO] ISPConfig is installed.
    
    ##### ISPCONFIG #####
    ISPConfig version is 3.2.7p1
    
    
    ##### VERSION CHECK #####
    
    [INFO] php (cli) version is 7.4.3
    [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.3
    
    ##### PORT CHECK #####
    
    
    ##### MAIL SERVER CHECK #####
    
    
    ##### RUNNING SERVER PROCESSES #####
    
    [INFO] I found the following web server(s):
        Apache 2 (PID 13840)
    [INFO] I found the following mail server(s):
        Postfix (PID 2257)
    [INFO] I found the following pop3 server(s):
        Dovecot (PID 719)
    [INFO] I found the following imap server(s):
        Dovecot (PID 719)
    [INFO] I found the following ftp server(s):
        PureFTP (PID 1208)
    
    ##### LISTENING PORTS #####
    (only        ()
    Local        (Address)
    [anywhere]:10080        (2270/./ts3server)
    [anywhere]:993        (719/dovecot)
    [anywhere]:995        (719/dovecot)
    [anywhere]:10022        (2270/./ts3server)
    [localhost]:10023        (1036/postgrey)
    [localhost]:10024        (9963/amavisd-new)
    [localhost]:10025        (2257/master)
    [localhost]:10026        (9963/amavisd-new)
    [localhost]:10027        (2257/master)
    [anywhere]:587        (2257/master)
    [localhost]:11211        (727/memcached)
    [anywhere]:110        (719/dovecot)
    [anywhere]:143        (719/dovecot)
    [anywhere]:30033        (2270/./ts3server)
    [anywhere]:465        (2257/master)
    ***.***.***.***:53        (14274/named)
    ***.***.***.***:53        (14274/named)
    [localhost]:53        (14274/named)
    [anywhere]:21        (1208/pure-ftpd)
    ***.***.***.***:53        (705/systemd-resolve)
    [anywhere]:22        (838/sshd:)
    [localhost]:953        (14274/named)
    [anywhere]:25        (2257/master)
    [anywhere]:10011        (2270/./ts3server)
    [localhost]0080        (2270/./ts3server)
    *:*:*:*::*:993        (719/dovecot)
    *:*:*:*::*:995        (719/dovecot)
    [localhost]0022        (2270/./ts3server)
    *:*:*:*::*:10024        (9963/amavisd-new)
    *:*:*:*::*:10026        (9963/amavisd-new)
    *:*:*:*::*:3306        (955/mysqld)
    *:*:*:*::*:587        (2257/master)
    [localhost]10        (719/dovecot)
    [localhost]43        (719/dovecot)
    *:*:*:*::*:8080        (13840/apache2)
    *:*:*:*::*:80        (13840/apache2)
    *:*:*:*::*:8081        (13840/apache2)
    *:*:*:*::*:465        (2257/master)
    *:*:*:*::*a5af:1003:1b9f:53        (14274/named)
    *:*:*:*::**:*:*:*::*53        (14274/named)
    *:*:*:*::*:53        (14274/named)
    *:*:*:*::*:21        (1208/pure-ftpd)
    *:*:*:*::*:22        (838/sshd:)
    *:*:*:*::*:25        (2257/master)
    *:*:*:*::*:953        (14274/named)
    *:*:*:*::*:443        (13840/apache2)
    
    
    
    
    ##### IPTABLES #####
    Chain INPUT (policy DROP)
    target     prot opt source               destination     
    f2b-postfix-syslog  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 25
    f2b-dovecot  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 110,995,143,993,587,465,4190
    f2b-named-refused-tcp  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 53,953
    f2b-named-refused-udp  udp  --  [anywhere]/0            [anywhere]/0            multiport dports 53,953
    f2b-pure-ftpd  tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 21
    f2b-sshd   tcp  --  [anywhere]/0            [anywhere]/0            multiport dports 22
    ufw-before-logging-input  all  --  [anywhere]/0            [anywhere]/0       
    ufw-before-input  all  --  [anywhere]/0            [anywhere]/0       
    ufw-after-input  all  --  [anywhere]/0            [anywhere]/0       
    ufw-after-logging-input  all  --  [anywhere]/0            [anywhere]/0       
    ufw-reject-input  all  --  [anywhere]/0            [anywhere]/0       
    ufw-track-input  all  --  [anywhere]/0            [anywhere]/0       
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination     
    ufw-before-logging-forward  all  --  [anywhere]/0            [anywhere]/0       
    ufw-before-forward  all  --  [anywhere]/0            [anywhere]/0       
    ufw-after-forward  all  --  [anywhere]/0            [anywhere]/0       
    ufw-after-logging-forward  all  --  [anywhere]/0            [anywhere]/0       
    ufw-reject-forward  all  --  [anywhere]/0            [anywhere]/0       
    ufw-track-forward  all  --  [anywhere]/0            [anywhere]/0       
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination     
    ufw-before-logging-output  all  --  [anywhere]/0            [anywhere]/0       
    ufw-before-output  all  --  [anywhere]/0            [anywhere]/0       
    ufw-after-output  all  --  [anywhere]/0            [anywhere]/0       
    ufw-after-logging-output  all  --  [anywhere]/0            [anywhere]/0       
    ufw-reject-output  all  --  [anywhere]/0            [anywhere]/0       
    ufw-track-output  all  --  [anywhere]/0            [anywhere]/0       
    
    Chain f2b-dovecot (1 references)
    target     prot opt source               destination     
    RETURN     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain f2b-named-refused-tcp (1 references)
    target     prot opt source               destination     
    RETURN     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain f2b-named-refused-udp (1 references)
    target     prot opt source               destination     
    RETURN     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain f2b-postfix-syslog (1 references)
    target     prot opt source               destination     
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain f2b-pure-ftpd (1 references)
    target     prot opt source               destination     
    RETURN     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain f2b-sshd (1 references)
    target     prot opt source               destination     
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***        [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***       [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***       [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***       [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***           [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***       [anywhere]/0            reject-with icmp-port-unreachable
    REJECT     all  --  ***.***.***.***      [anywhere]/0            reject-with icmp-port-unreachable
    RETURN     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-after-forward (1 references)
    target     prot opt source               destination     
    
    Chain ufw-after-input (1 references)
    target     prot opt source               destination     
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:137
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:138
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:139
    ufw-skip-to-policy-input  tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:445
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:67
    ufw-skip-to-policy-input  udp  --  [anywhere]/0            [anywhere]/0            udp dpt:68
    ufw-skip-to-policy-input  all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    
    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination     
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-input (1 references)
    target     prot opt source               destination     
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-after-logging-output (1 references)
    target     prot opt source               destination     
    
    Chain ufw-after-output (1 references)
    target     prot opt source               destination     
    
    Chain ufw-before-forward (1 references)
    target     prot opt source               destination     
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ufw-user-forward  all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-before-input (1 references)
    target     prot opt source               destination     
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0       
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    DROP       all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 3
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 11
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 12
    ACCEPT     icmp --  [anywhere]/0            [anywhere]/0            icmptype 8
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp spt:67 dpt:68
    ufw-not-local  all  --  [anywhere]/0            [anywhere]/0       
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***          udp dpt:5353
    ACCEPT     udp  --  [anywhere]/0            ***.***.***.***      udp dpt:1900
    ufw-user-input  all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination     
    
    Chain ufw-before-logging-input (1 references)
    target     prot opt source               destination     
    
    Chain ufw-before-logging-output (1 references)
    target     prot opt source               destination     
    
    Chain ufw-before-output (1 references)
    target     prot opt source               destination     
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0       
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0            ctstate RELATED,ESTABLISHED
    ufw-user-output  all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination     
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "
    
    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination     
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ctstate INVALID limit: avg 3/min burst 10
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "
    
    Chain ufw-not-local (1 references)
    target     prot opt source               destination     
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type LOCAL
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type MULTICAST
    RETURN     all  --  [anywhere]/0            [anywhere]/0            ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 10
    DROP       all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination     
    
    Chain ufw-reject-input (1 references)
    target     prot opt source               destination     
    
    Chain ufw-reject-output (1 references)
    target     prot opt source               destination     
    
    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination     
    DROP       all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination     
    DROP       all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination     
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-track-forward (1 references)
    target     prot opt source               destination     
    
    Chain ufw-track-input (1 references)
    target     prot opt source               destination     
    
    Chain ufw-track-output (1 references)
    target     prot opt source               destination     
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            ctstate NEW
    
    Chain ufw-user-forward (1 references)
    target     prot opt source               destination     
    ACCEPT     all  --  ***.***.***.***/24          [anywhere]/0       
    
    Chain ufw-user-input (1 references)
    target     prot opt source               destination     
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:1194
    DROP       all  --  ***.***.***.***/24     [anywhere]/0       
    DROP       all  --  ***.***.***.***/16        [anywhere]/0       
    DROP       all  --  ***.***.***.***/24       [anywhere]/0       
    DROP       all  --  ***.***.***.***/24      [anywhere]/0       
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:20
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:21
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:22
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:25
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:53
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:80
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:110
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:143
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:443
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:465
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:587
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:993
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:995
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:3306
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8080
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:8081
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:10000
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:53
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:3306
    ACCEPT     udp  --  [anywhere]/0            [anywhere]/0            udp dpt:9987
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:10011
    ACCEPT     tcp  --  [anywhere]/0            [anywhere]/0            tcp dpt:30033
    
    Chain ufw-user-limit (0 references)
    target     prot opt source               destination     
    LOG        all  --  [anywhere]/0            [anywhere]/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    REJECT     all  --  [anywhere]/0            [anywhere]/0            reject-with icmp-port-unreachable
    
    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination     
    ACCEPT     all  --  [anywhere]/0            [anywhere]/0       
    
    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination     
    
    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination     
    
    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination     
    
    Chain ufw-user-output (1 references)
    target     prot opt source               destination     
    
    
    
    
    ##### LET'S ENCRYPT #####
    Certbot is installed in /usr/bin/letsencrypt
     
  5. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If ping can not reach the host maybe it has lost Internet connectivyt and thus can not work as name server.
    Have you tried pinging the IP number, does ping work then?
    If you altered firewall configuration, maybe you by mistake blocked the host being reached from the internet?
    My signature has link to name service tutorial, it has troubleshooting insctructions. Check if your name server answers when used from public Internet.
    Check what is registered as name servers of the domain.
     
  6. ahrasis

    ahrasis Well-Known Member

    I pinged cembol.com just fine though the ip doesn't matched the one you quoted above. Is your ns1 server now up again?
     
  7. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Have you set up your own name server host and are testing that? You can test it giving as parameter the name server to use, but since looks like you have not entered ns1 A record in your hosting providers name servers the hostname ns1 does not work. Use IP-number of your name server instead in host command and dig command.
    Now that I figured out what domain and IP-number you have, I tested and your name server does work. But you have not registered your new name server at your domain registrar. See yourself what command whois shows as name server for your domain.
     
  8. I've 3 sites and they were working just fine till yesterday. I setup up ispconfig more than a year ago. these 3 sites are hosted in my ispconfig confguration.

    I'm pinging ns1.cembol.com and the result is;
    ping ns1.cembol.com
    ping: ns1.cembol.com: Name or service not known
     
    Last edited: Feb 16, 2022
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Login to the server ns1.cembol.com and run this command on the shell:

    dig @localhost ns1.cembol.com

    If this works, then check the domain registry of your domain cembol.com (the place where you registered it, not on your server) to see if the settings there are correct (correct DNS servers and correct glue records for the name servers).
     
  10. no ns1 is not up.
     
  11. ahrasis

    ahrasis Well-Known Member

    It shows different ip for both your dns server from my side when I successfully pinged but dig shows no ip for both your dns server. Your top domain however can be pinged and its ip also shows on dig.
     
  12. nhybgtvfr

    nhybgtvfr Well-Known Member HowtoForge Supporter

    your domain cembol.com has expired, it's been parked for free by godaddy.
    so the nameservers for the domain have been switched to ns05(06).domaincontrol.com, which obviously doesn't have all these A records.


    go to godaddy and renew your domain.
     
    murdocklawless, ahrasis and till like this.
  13. I've just notice that I did this. my mistake, I'm so sorry. thank you all for your replys.
     

Share This Page