Re: dns server firewall

Wed, 20 Nov 2002 19:20:42 -0800 

thanks for the response, i will try to change the protocol
From: Mike Burger <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: dns server firewall
Date: Tue, 19 Nov 2002 08:06:59 -0500 (EST)


First...the ability to ping has nothing to do with teh ability to serve up
DNS. Your firewall doesn't appear to be accepting/responding to pings.

That aside, you've got the right port for DNS, but the wrong protocol.
DNS lookups are done via udp, not tcp. Port 53/tcp is for domain zone
transfers.

On Tue, 19 Nov 2002, Wesley Jay Deypalan wrote:

> Hi,
> > I have a RH8 and planning to make it a DNS Server, but I have problem
> using the iptables. Here is my configurations for my firewall
> > IPTABLES=/sbin/iptables
> LAN="208.108.143.90"
> $IPTABLES -P INPUT DROP
> $IPTABLES -F INPUT
> $IPTABLES -P OUTPUT ACCEPT
> $IPTABLES -F OUTPUT
> $IPTABLES -P FORWARD DROP
> $IPTABLES -F FORWARD
> $IPTABLES -A INPUT -i lo -j ACCEPT
> $IPTABLES -A INPUT -d $LAN -p tcp --dport 80 -j ACCEPT
> $IPTABLES -A INPUT -d $LAN -p tcp --dport 53 -j ACCEPT
> $IPTABLES -A INPUT -d $LAN -p icmp -j ACCEPT
> $IPTABLES -A OUTPUT -o lo -j ACCEPT
> > When I use this as my firewall I cannot ping any website using their URL
> (ie www.yahoo.com). What is lacking with my configuration to make a
> firewall for my DNS Server?
> > TIA
> Wesley
>
> ________________________________________________________________________________
> MSN 8 helps ELIMINATE E-MAIL VIRUSES. Get 2 months FREE*. -- redhat-list
> mailing list unsubscribe
> mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
>

--
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000



--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

_________________________________________________________________
Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail



--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to