Hi, when you are using a default drop policy you should write bidirectional rules. I also had this kind of problem; the solution to this problem is:

iptables -A INPUT -j ACCEPT -i ppp0 -s 193.252.19.3 (dns server) -d 0/0 --dport 53
iptables -A INPUT -j ACCEPT -i ppp0 -d 193.252.19.3 (dns server) -s 0/0 --dport 53

Do this for each rule.

---
Manish Kumar Arya

On Tue, 2 Apr 2002 11:44:39 fcarioca wrote:
>Hello,
>
>I have a little problem with iptables rules.
>
>I have set up a netfilter firewall to protect my mail server.
>
>I have 2 interfaces: eth0 (lan card) ppp0 (provider interface)
>
>I have set up:
>
>iptables -A INPUT DROP
>iptables -A OUTPUT ACCEPT
>iptables -A FORWARD DROP
>
>iptables -A INPUT -j ACCEPT -i ppp0 -s 193.252.19.3 (dns server) -d 0/0 --dport 53
>iptables -A INPUT -j ACCEPT -i ppp0 -s 193.252.19.4 (dns server) -d 0/0 --dport 53
>iptables -A INPUT -j ACCEPT -i ppp0 -s 0/0 -d 192.168.0.1/255.255.255.0 --dport 25
>
>
>When I try it, the server can't deliver the mail because it can't
>resolve the DNS name (e.g. pop.netcourrier.com).
>
>I can surf because I'm using IP masquerading rules.
>
>Does someone have ideas?
>
>thanks
>
>fred
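The symptom in this thread (outbound DNS queries leave, but the answers never arrive under a default-drop INPUT chain) can be traced with a small first-match rule model. This is an added example, not part of either poster's message and not netfilter itself; the server address and ephemeral port are constructed, and the iptables options in the comments are the standard `--sport` and `-m state` matches.

```python
from dataclasses import dataclass
from typing import Optional

DNS = "193.252.19.3"    # resolver address from the thread
SERVER = "192.0.2.10"   # constructed: stands in for the server's ppp0 address

@dataclass(frozen=True)
class Packet:
    iface: str
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    established: bool = False   # True if conntrack saw the matching outbound query

@dataclass(frozen=True)
class Rule:
    target: str
    iface: Optional[str] = None
    proto: Optional[str] = None
    src: Optional[str] = None
    sport: Optional[int] = None
    dport: Optional[int] = None
    established: Optional[bool] = None

    def matches(self, pkt: Packet) -> bool:
        # An unset field is a wildcard, like an omitted iptables option.
        return all(v is None or getattr(pkt, k) == v
                   for k, v in vars(self).items() if k != "target")

def verdict(chain, pkt, policy="DROP"):
    """First matching rule wins; otherwise the chain policy applies."""
    return next((r.target for r in chain if r.matches(pkt)), policy)

# -i ppp0 -s DNS --dport 53: the match used in the thread
AS_POSTED = [Rule("ACCEPT", iface="ppp0", src=DNS, dport=53)]
# -i ppp0 -p udp -s DNS --sport 53: stateless match on the reply's source port
BY_SPORT = [Rule("ACCEPT", iface="ppp0", proto="udp", src=DNS, sport=53)]
# -i ppp0 -m state --state ESTABLISHED: only replies to traffic the host sent
STATEFUL = [Rule("ACCEPT", iface="ppp0", established=True)]

# Constructed packets: a real answer to the server's query (ephemeral port 33000),
# and an unsolicited datagram that merely claims the same source address and port.
reply = Packet("ppp0", "udp", DNS, 53, SERVER, 33000, established=True)
unsolicited = Packet("ppp0", "udp", DNS, 53, SERVER, 33000, established=False)

if __name__ == "__main__":
    for name, chain in (("as posted", AS_POSTED), ("by sport", BY_SPORT), ("stateful", STATEFUL)):
        print(f"{name:10} reply={verdict(chain, reply)} unsolicited={verdict(chain, unsolicited)}")
```

A DNS answer carries 53 as its source port and the client's ephemeral port as its destination, so a `--dport 53` match on INPUT never sees it; the state-based rule also rejects the unsolicited datagram that the source-port rule lets through.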
