Most DNS servers probably respond on the same port as was the 
origin of the query they're responding to.  Some clients (and a
DNS server that forwards or recurses a request is also a client)
issue requests FROM port 53 as well as to.
  UDP to port 53 should be accepted from any port.  DNS responses
may be directed to any port, but should be coming from port 53.

David Gillett
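As an added illustration (not part of this thread, and not anyone's firewall configuration), the following Python sketch encodes the three rules discussed above and applies them to a few constructed UDP packet records: Glenn's original "queries only from ports above 1023" rule, the relaxed "UDP to port 53 from any source port" rule, and the "responses come from port 53, to any port" rule. It also shows the caveat a stateless version of the last rule carries: any packet with source port 53 is let in, so a stateful tracker that only admits replies to queries actually sent is included as the hardened form. All addresses and ports are made up.

```python
"""Added example: stateless vs. stateful filtering of UDP/53 traffic.
Not taken from the mailing-list thread; all hosts and ports are constructed."""
from dataclasses import dataclass

DNS_PORT = 53


@dataclass(frozen=True)
class Udp:
    """One UDP datagram, seen at the firewall."""
    src: str
    sport: int
    dst: str
    dport: int


def accept_query_strict(pkt: Udp) -> bool:
    """The original rule: queries to port 53 only from ephemeral ports (> 1023)."""
    return pkt.dport == DNS_PORT and pkt.sport > 1023


def accept_query_any_port(pkt: Udp) -> bool:
    """The rule from the reply: UDP to port 53 is accepted from any source port,
    which also admits forwarders/recursors that send their queries FROM port 53."""
    return pkt.dport == DNS_PORT


def accept_response_stateless(pkt: Udp) -> bool:
    """Stateless reading of 'responses come from port 53 and may go to any port'.
    Weakness: anything with source port 53 is accepted, whatever the destination port."""
    return pkt.sport == DNS_PORT


class DnsStateTracker:
    """Stateful variant: an inbound packet from port 53 is accepted only if it
    answers a query this side actually sent (matched on our address, our source
    port and the server address)."""

    def __init__(self) -> None:
        self.pending: set[tuple[str, int, str]] = set()

    def note_outbound(self, pkt: Udp) -> None:
        if pkt.dport == DNS_PORT:
            self.pending.add((pkt.src, pkt.sport, pkt.dst))

    def accept_inbound(self, pkt: Udp) -> bool:
        if pkt.dport == DNS_PORT:
            return True  # a query to our server, from any source port
        key = (pkt.dst, pkt.dport, pkt.src)
        if pkt.sport == DNS_PORT and key in self.pending:
            self.pending.discard(key)  # one reply per outstanding query
            return True
        return False


# Constructed traffic: 192.0.2.10 is "our" DNS server behind the firewall.
FORWARDER_QUERY = Udp("198.51.100.7", 53, "192.0.2.10", 53)   # the 53 -> 53 case from the log
CLIENT_QUERY = Udp("203.0.113.5", 40001, "192.0.2.10", 53)    # ordinary stub resolver
OUR_QUERY = Udp("192.0.2.10", 1025, "198.51.100.7", 53)       # our server recursing outward
REPLY_TO_US = Udp("198.51.100.7", 53, "192.0.2.10", 1025)     # the answer to OUR_QUERY
UNSOLICITED = Udp("198.51.100.99", 53, "192.0.2.10", 22)      # source port 53, not a DNS reply


def run_demo() -> dict:
    """Apply each rule to the constructed packets; returns a dict of verdicts."""
    tracker = DnsStateTracker()
    tracker.note_outbound(OUR_QUERY)
    return {
        "forwarder_strict": accept_query_strict(FORWARDER_QUERY),        # False: this is the logged deny
        "forwarder_any_port": accept_query_any_port(FORWARDER_QUERY),    # True
        "client_strict": accept_query_strict(CLIENT_QUERY),              # True
        "reply_stateless": accept_response_stateless(REPLY_TO_US),       # True
        "reply_stateful": tracker.accept_inbound(REPLY_TO_US),           # True (matched a sent query)
        "unsolicited_stateless": accept_response_stateless(UNSOLICITED), # True: the stateless hole
        "unsolicited_stateful": tracker.accept_inbound(UNSOLICITED),     # False
    }


if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:24s} {'ACCEPT' if verdict else 'DENY'}")
```

The first two verdicts are the point of the thread: the "port 53 to port 53" packets that the strict rule denies are legitimate queries from servers that send from port 53, and the relaxed rule admits them. The last two show why a stateful match is preferable to a bare "source port 53" allow.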


> -----Original Message-----
> From: Glenn English [mailto:[EMAIL PROTECTED]
> Sent: July 28, 2003 18:38
> To: [EMAIL PROTECTED]
> Subject: domain ACL?
> 
> 
> My understanding is that UDP connects to port 53 should be allowed only
> from ports > 1023. When I set that, I get *many* denies coming from port
> 53 UDP to port 53.
> 
> Is there a legit reason for that connection? My new firewall is
> scribbling all over my log :-)
> 
> -- 
> Glenn English
> [EMAIL PROTECTED]
> 
> 
