On Wed, 16 Jul 2003 14:05:19 -0400, Scott Antonivich wrote:
> named is working for me properly, if I do not have iptables turned on. As
> soon as I do turn them on DNS cannot reach any servers.
>
> I am puzzled.
>
> My iptables look like this....
>
> # Firewall configuration written by lokkit
> # Manual customization of this file is not recommended.
> # Note: ifup-post will punch the current nameservers through the
> # firewall; such entries will *not* be listed here.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Lokkit-0-50-INPUT - [0:0]
> -A INPUT -j RH-Lokkit-0-50-INPUT
> -A FORWARD -j RH-Lokkit-0-50-INPUT
> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 110 --syn -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 143 --syn -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 53 -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 1645 -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 1646 -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p udp -m udp -s 127.0.0.1 --sport 53 -d 0/0 -j ACCEPT
> -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT
> -A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT
> COMMIT
>
> I have been manually editing the /etc/sysconfig/iptables file and stopping
> and starting iptables when I make any changes...

Where do you accept DNS replies? And why don't you use any LOG rules for
diagnostic purposes?
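
The quoted ruleset with the two changes the reply's questions point toward, as an added example that is not part of the original post: replies to named's outbound queries arrive from a remote server's port 53 addressed to a high local port, so in the quoted chain they match only the final UDP REJECT. The stateful rule assumes connection tracking is available in the kernel; the log prefixes and rate limits are values chosen for this example.

```iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
-A INPUT -j RH-Lokkit-0-50-INPUT
-A FORWARD -j RH-Lokkit-0-50-INPUT
# Added: accept packets that belong to traffic this host initiated,
# which covers UDP replies to named's outbound queries.
-A RH-Lokkit-0-50-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 110 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 143 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 53 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 1645 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 1646 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p udp -m udp -s 127.0.0.1 --sport 53 -d 0/0 -j ACCEPT
# Added: log what is about to be rejected, rate-limited so a flood
# cannot fill the log. Entries go to the kernel log.
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -m limit --limit 5/min -j LOG --log-prefix "lokkit-tcp-reject: "
-A RH-Lokkit-0-50-INPUT -p udp -m udp -m limit --limit 5/min -j LOG --log-prefix "lokkit-udp-reject: "
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT
COMMIT
```

With only the LOG rules added, the rejected replies show up in the kernel log with SPT=53 and a high DPT, which confirms the diagnosis before the stateful rule is put in place.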