On Wed, 16 Jul 2003 14:05:19 -0400, Scott Antonivich wrote:
> named is working for me properly, if I do not have iptables turned on. As
> soon as I do turn them on DNS cannot reach any servers.
>
> I am puzzled.
>
> My iptables look like this
>
essage. If the
message is there, the rules aren't working as I expect.
edisA
David
--__--__--
Message: 26
From: Jason Staudenmayer <[EMAIL PROTECTED]>
To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
Subject: RE: iptables causing problem with named? (fixed
You need to allow both TCP and UDP for DNS to work:
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 53 -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 53 -j ACCEPT
David
--__--__--
Message: 13
From: "Scott Antonivich" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: iptables causing p
Antonivich
Sent: Wednesday, July 16, 2003 2:34 PM
To: [EMAIL PROTECTED]
Subject: RE: iptables causing problem with named?
So you are saying do this?
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT
ing. Works great for when you're hand writing rules.
-Original Message-
From: Scott Antonivich [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 16, 2003 2:34 PM
To: [EMAIL PROTECTED]
Subject: RE: iptables causing problem with named?
So you are saying do this?
:INPUT DROP [0:0]
:FORWARD DROP [
:34 PM
To: [EMAIL PROTECTED]
Subject: RE: iptables causing problem with named?
So you are saying do this?
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Lokkit-0-50-INPUT - [0:0]
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
iptables
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jason Staudenmayer
Sent: Wednesday, July 16, 2003 2:20 PM
To: '[EMAIL PROTECTED]'
Subject: RE: iptables causing problem with named?
Why are you checking for port 53 on the loopback? Just allow everything to
and from the loopback. Here's my rules:
iptables -A INPUT -s 127.0.0.1 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 53 -j ACCEPT
Change default policy of INPUT and