First...the ability to ping has nothing to do with the ability to serve up DNS. Your firewall doesn't appear to be accepting/responding to pings.
That aside, you've got the right port for DNS, but the wrong protocol. DNS lookups are done via udp, not tcp. Port 53/tcp is for domain zone transfers.

On Tue, 19 Nov 2002, Wesley Jay Deypalan wrote:

> Hi,
>
> I have a RH8 and am planning to make it a DNS Server, but I have a problem
> using iptables. Here is my configuration for my firewall
>
> IPTABLES=/sbin/iptables
> LAN="208.108.143.90"
> $IPTABLES -P INPUT DROP
> $IPTABLES -F INPUT
> $IPTABLES -P OUTPUT ACCEPT
> $IPTABLES -F OUTPUT
> $IPTABLES -P FORWARD DROP
> $IPTABLES -F FORWARD
> $IPTABLES -A INPUT -i lo -j ACCEPT
> $IPTABLES -A INPUT -d $LAN -p tcp --dport 80 -j ACCEPT
> $IPTABLES -A INPUT -d $LAN -p tcp --dport 53 -j ACCEPT
> $IPTABLES -A INPUT -d $LAN -p icmp -j ACCEPT
> $IPTABLES -A OUTPUT -o lo -j ACCEPT
>
> When I use this as my firewall I cannot ping any website using their URL
> (ie www.yahoo.com). What is lacking with my configuration to make a
> firewall for my DNS Server?
>
> TIA
> Wesley
>
> --
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list

--
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000
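
The quoted ruleset next to a corrected one, as an added example that is not part of the original thread or either poster's code. It adds the udp/53 rule the reply calls for. It also adds a stateful rule, which is an assumption beyond the reply: with an INPUT policy of DROP, answers to the server's own outbound lookups arrive on an ephemeral port and are dropped without it. The function names and the `audit_rules` check are hypothetical, and `IPTABLES` is set to `echo` so the script only prints commands.

```shell
#!/bin/sh
# Added example. Dry run: each rule is printed instead of executed.
IPTABLES="echo /sbin/iptables"
LAN="208.108.143.90"        # server address from the quoted script

# The ruleset exactly as posted in the quoted message.
quoted_rules() {
    $IPTABLES -P INPUT DROP
    $IPTABLES -F INPUT
    $IPTABLES -P OUTPUT ACCEPT
    $IPTABLES -F OUTPUT
    $IPTABLES -P FORWARD DROP
    $IPTABLES -F FORWARD
    $IPTABLES -A INPUT -i lo -j ACCEPT
    $IPTABLES -A INPUT -d "$LAN" -p tcp --dport 80 -j ACCEPT
    $IPTABLES -A INPUT -d "$LAN" -p tcp --dport 53 -j ACCEPT
    $IPTABLES -A INPUT -d "$LAN" -p icmp -j ACCEPT
    $IPTABLES -A OUTPUT -o lo -j ACCEPT
}

# Corrected ruleset: the posted rules plus two ACCEPT rules.
fixed_rules() {
    quoted_rules
    # Client DNS queries arrive over UDP, as the reply points out.
    $IPTABLES -A INPUT -d "$LAN" -p udp --dport 53 -j ACCEPT
    # Assumption added here: accept replies to traffic this host started,
    # so its own lookups (e.g. "ping www.yahoo.com") get their answers.
    $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Read iptables commands on stdin and print what a DNS server's
# INPUT chain is still missing (empty output means nothing missing).
audit_rules() {
    rules=$(cat)
    missing=""
    printf '%s\n' "$rules" |
        grep -Eq -e '-A INPUT .*-p udp .*--dport 53 .*-j ACCEPT' ||
        missing="$missing udp/53"
    printf '%s\n' "$rules" |
        grep -Eq -e '-A INPUT .*--state [A-Z,]*ESTABLISHED.*-j ACCEPT' ||
        missing="$missing established-replies"
    echo "${missing# }"
}

echo "quoted ruleset lacks: $(quoted_rules | audit_rules)"
echo "fixed ruleset lacks:  $(fixed_rules | audit_rules)"
```
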