Sean Carolan wrote:
> Does the count field from "iptables -vnL RH-Firewall-1-INPUT" show
> your REJECT rules being hit?
Yes, the rule gets hit and it returns an answer to the DNS query
anyway. I saw it increment from 10 to 11 when I ran the query:
11 692 REJECT udp -- * * 10.10
> Are you running tcpdump on the same machine that is doing the filtering?
> You do realize that tcpdump sees the packets as they come from the
> interface and before they are passed to the filter rules, right?
I had forgotten this important piece of information. Thank you for
pointing this out.
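A counter check of the kind discussed above, added here as an example and not code from the thread: it parses two `iptables -vnL` snapshots and reports which rules' counters moved, so a hit on the REJECT rule is confirmed from the filter's own accounting rather than from tcpdump, which captures before the rules run. The chain output is constructed from the values in the thread.

```python
import re
from typing import Dict, Tuple

# Constructed snapshots of `iptables -vnL RH-Firewall-1-INPUT`, taken before and
# after one test DNS query. The REJECT counter moves 10 -> 11, as in the thread.
BEFORE = """\
Chain RH-Firewall-1-INPUT (2 references)
 pkts bytes target     prot opt in     out     source               destination
   10   630 REJECT     udp  --  *      *       10.100.1.1           0.0.0.0/0            udp dpt:53 reject-with icmp-port-unreachable
  500 41200 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
"""
AFTER = BEFORE.replace("   10   630 REJECT", "   11   692 REJECT")

_ROW = re.compile(r"^\s*\d+[KMG]?\s+\d+[KMG]?\s+\S")  # a rule row starts with two counters
_SUFFIX = {"K": 1_000, "M": 1_000_000, "G": 1_000_000_000}

Rule = Tuple[str, str, str, str, str]  # (target, prot, source, destination, match text)

def _count(token: str) -> int:
    # `-v` abbreviates large counters (e.g. 12K); `-x` prints exact values instead.
    if token[-1] in _SUFFIX:
        return int(token[:-1]) * _SUFFIX[token[-1]]
    return int(token)

def parse_counters(text: str) -> Dict[Rule, Tuple[int, int]]:
    """Map each rule to its (packets, bytes) counters, skipping banner and header lines."""
    counters: Dict[Rule, Tuple[int, int]] = {}
    for line in text.splitlines():
        if not _ROW.match(line):
            continue
        fields = line.split(None, 9)
        if len(fields) < 9:
            continue
        pkts, nbytes, target, prot, _opt, _in, _out, src, dst = fields[:9]
        extra = fields[9].strip() if len(fields) > 9 else ""
        counters[(target, prot, src, dst, extra)] = (_count(pkts), _count(nbytes))
    return counters

def counter_deltas(before: str, after: str) -> Dict[Rule, Tuple[int, int]]:
    """Rules whose counters changed between the snapshots, with the (packet, byte) increase."""
    old = parse_counters(before)
    deltas: Dict[Rule, Tuple[int, int]] = {}
    for rule, (pkts, nbytes) in parse_counters(after).items():
        old_pkts, old_bytes = old.get(rule, (0, 0))
        if (pkts, nbytes) != (old_pkts, old_bytes):
            deltas[rule] = (pkts - old_pkts, nbytes - old_bytes)
    return deltas

def rule_was_hit(before: str, after: str, target: str, prot: str) -> bool:
    """True if any rule with this target and protocol counted at least one more packet."""
    return any(rule[0] == target and rule[1] == prot and dp > 0
               for rule, (dp, _db) in counter_deltas(before, after).items())
```

Run `iptables -vnL <chain>` once before and once after the test query and feed both captures to `counter_deltas`; a rule that never appears in the delta was not matched, whatever tcpdump shows.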
Sean Carolan wrote:
I'm attempting to block access to port 53 from internet hosts for an
internal server. This device is behind a gateway router, so all
traffic appears to come from source IP 10.100.1.1. Here are my
(non-working) iptables rules:
-A RH-Firewall-1-INPUT -s 10.100.1.1 -m tcp -p tc