On Thu, Apr 19, 2001 at 03:36:37PM -0500, Phil Brutsche wrote:
> > > iptables -A INPUT -p UDP --source-port domain -j ACCEPT
> >
> > Huh? That is completely untrue. If that was the case then any program
> > that wished to lookup hosts in the DNS would need to be run as root
> > (ordinary users don't have access to port 53, remember).
>
> Perfectly true. With DNS, the query goes to port 53; the response comes
> from port 53 on that same DNS server.

Yes, I was assuming that incoming DNS requests were the issue here, not replies to outgoing requests. It sounded to me like a DNS server was being run on this machine (it was, after all, referred to as a server) and that when UDP was blocked it was unable to respond to DNS requests. I might have misinterpreted the original problem.

-- 
 _______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html
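
The two readings discussed in this thread, as an added Python sketch that is not part of the original messages: it compares the quoted source-port rule with a flow-tracking filter for a DNS reply, an unrequested packet that merely has source port 53, and a new query arriving at a DNS server on this host. The addresses, port numbers and the `FlowFilter` model are constructed assumptions, and the code models matching logic only, not iptables itself.

```python
# Added illustration: a toy model of the matching logic only, not iptables.
from collections import namedtuple

Packet = namedtuple("Packet", "direction src sport dst dport")

# Constructed documentation addresses (assumptions, not from the thread).
HOST, RESOLVER, OTHER = "192.0.2.10", "192.0.2.53", "198.51.100.7"

def sport_rule_accepts(pkt):
    """Models: iptables -A INPUT -p UDP --source-port domain -j ACCEPT"""
    return pkt.direction == "in" and pkt.sport == 53

class FlowFilter:
    """Hypothetical stateful model: accept replies to flows this host opened,
    plus new queries to local port 53 when the host is itself a DNS server."""
    def __init__(self, serve_dns=False):
        self.serve_dns = serve_dns
        self.flows = set()

    def outbound(self, pkt):
        # Remember (remote addr, remote port, local port) of what we sent.
        self.flows.add((pkt.dst, pkt.dport, pkt.sport))

    def accepts(self, pkt):
        if (pkt.src, pkt.sport, pkt.dport) in self.flows:
            return True
        return self.serve_dns and pkt.dport == 53

def evaluate():
    query = Packet("out", HOST, 40000, RESOLVER, 53)
    inbound = {
        "reply": Packet("in", RESOLVER, 53, HOST, 40000),
        "unsolicited": Packet("in", OTHER, 53, HOST, 2049),
        "client_query": Packet("in", OTHER, 41000, HOST, 53),
    }
    client, server = FlowFilter(), FlowFilter(serve_dns=True)
    client.outbound(query)
    server.outbound(query)
    return {name: {"sport_rule": sport_rule_accepts(p),
                   "client": client.accepts(p),
                   "server": server.accepts(p)}
            for name, p in inbound.items()}

if __name__ == "__main__":
    for name, verdicts in evaluate().items():
        print(name, verdicts)
```

The source-port rule admits the reply but also any inbound UDP datagram that claims source port 53, and it does not admit a client's query to a local DNS server, which arrives with destination port 53.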