I recently started running my own DNS server since my ISP was charging me for my domain names to be listed on their DNS server. Since installing my DNS I have been unable to execute the command # iptables -L.
I added the following to the allow-service-all section of my firewall:

    $IPT -A INPUT -p 6 -s 0/0 -d 0/0 --dport 53 -j ACCEPT

and that didn't help anything. I then added the following to my firewall.sh file:

    $IPT -A INPUT -i $IF -p udp -s $DNS --sport 53 -m state --state ESTABLISHED -j ACCEPT
    $IPT -A OUTPUT -o $IF -p udp -d $DNS --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT

    $IF=eth1 (my internet connection)
    $DNS=my dns server ip (xxx.xxx.xxx.xxx/32)

Neither of these solutions has helped with my problem. External connections "appear" to work as my secondary DNS server (on another network at another site) is able to send/receive updates. Also, internal machines on my network are able to use my server for DNS purposes. However, I do see hits in my firewall log from other IPs outside my network.

What is the correct way to open up my DNS to all machines, both internal and external? I should mention that DNS queries are only accepted on port 53 at this time. Any help would be appreciated.

Dan

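An added example, not part of the post above and not the poster's firewall.sh: a small script that generates the iptables rules an authoritative DNS server needs on its internet-facing interface. Two points it illustrates: the post's first rule uses `-p 6` (TCP only), while DNS queries normally arrive over UDP, with TCP used for large responses and zone transfers, so both protocols need a port 53 rule; and the post's second pair of rules only allows this host to act as a DNS client of `$DNS`, not to accept queries from others. The interface name `eth1` comes from the post; `$IPT` defaults to `echo iptables` so the script prints the rules instead of applying them (set `IPT=iptables` and run as root to apply). The `list_rules` helper uses `iptables -nL`, which lists rules without resolving addresses to names, so it does not depend on DNS being reachable. The two addresses near the top are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post). Dry-run by default:
# IPT="echo iptables" prints the commands; IPT=iptables applies them.
IPT="${IPT:-echo iptables}"
IF="${IF:-eth1}"                      # external interface, as in the post
SECONDARY="${SECONDARY:-192.0.2.10}"  # constructed: secondary DNS at the other site
PRIMARY="${PRIMARY:-198.51.100.53}"   # constructed: this server's public address

# Rules that let anyone query this server on port 53 (UDP and TCP) and let
# the server itself make outbound lookups / send NOTIFY to its secondary.
dns_server_rules() {
    # Packets belonging to an already-seen flow are accepted in both directions,
    # so each service only needs a NEW rule for its listening port.
    $IPT -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Inbound queries from any client: UDP for ordinary queries, TCP for
    # truncated (large) answers and zone transfers.
    $IPT -A INPUT -i "$IF" -p udp --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A INPUT -i "$IF" -p tcp --dport 53 -m state --state NEW -j ACCEPT

    # Outbound DNS initiated by this host (recursion, NOTIFY to the secondary).
    $IPT -A OUTPUT -o "$IF" -p udp --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -o "$IF" -p tcp --dport 53 -m state --state NEW -j ACCEPT
}

# Optional tighter variant: restrict TCP port 53 (where AXFR zone transfers
# run) to the known secondary while leaving UDP queries open to everyone.
dns_server_rules_restricted_transfer() {
    $IPT -A INPUT  -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A INPUT -i "$IF" -p udp --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A INPUT -i "$IF" -p tcp -s "$SECONDARY" -d "$PRIMARY" --dport 53 \
        -m state --state NEW -j ACCEPT
    $IPT -A INPUT -i "$IF" -p tcp --dport 53 -m state --state NEW -j DROP
    $IPT -A OUTPUT -o "$IF" -p udp --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -o "$IF" -p tcp --dport 53 -m state --state NEW -j ACCEPT
}

# List a chain numerically (-n): no reverse lookups, so it returns promptly
# even when the resolver is unreachable.
list_rules() {
    $IPT -nL "${1:-INPUT}"
}
```

The firewall only decides who can reach port 53; which hosts may actually pull a zone is enforced in the name server's own configuration (for BIND, the allow-transfer option), and the restricted variant above is a belt-and-braces layer on top of that, not a substitute.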