
DNS thru firewall

Hello again

I have this in my fw rules to allow access to a nameserver inside my
net (it will be moved to a DMZ later).

iptables -A FORWARD $v -i $INTER -o $INTRA -p udp --destination-port domain -d hygglo2.gdpc.se -j ACCEPT

(all the domain names used are specified in /etc/hosts so the fw can go
up before the net).

It works as far as I can look up names from remote sites. But zone
transfers don't seem to work, and the DNS server crashed mysteriously
last night, so something might be annoying it :-/

Are there any more ports that need to be open for a fully working DNS
server? Is there some kind of cookbook for what ports different
services use?

I have got pretty far by looking into /etc/services and guessing ;-)
but it doesn't feel all that secure :-/

TIA /Lars
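The post above only forwards UDP/53; zone transfers (AXFR/IXFR) and any answer larger than 512 bytes use TCP/53, so a nameserver behind the firewall needs both protocols forwarded. The script below is an added example, not Lars's rule set or any project's code; it reuses the INTER/INTRA variable names from the post, and DNS_HOST, the interface defaults and the dry-run IPTABLES=echo setting are assumptions.

```shell
#!/bin/sh
# Added example: FORWARD rules for a nameserver behind a Linux iptables firewall.
# DNS queries use UDP/53; zone transfers and large answers fall back to TCP/53,
# so both must be forwarded in and the return traffic allowed out.
# Defaults below are assumptions; DNS_HOST is a documentation-range placeholder.

INTER="${INTER:-eth0}"                  # external interface (assumption)
INTRA="${INTRA:-eth1}"                  # internal interface (assumption)
DNS_HOST="${DNS_HOST:-192.0.2.53}"      # nameserver address (placeholder)
IPTABLES="${IPTABLES:-echo iptables}"   # dry run by default; set IPTABLES=iptables to apply

dns_forward_rules() {
    # Inbound: queries (udp) and zone-transfer / truncated-answer retries (tcp)
    # to the nameserver. Restrict -s to known secondaries if only they may transfer.
    for proto in udp tcp; do
        $IPTABLES -A FORWARD -i "$INTER" -o "$INTRA" -p "$proto" \
            -d "$DNS_HOST" --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    done
    # Outbound: the nameserver's own lookups (recursion) and zone pulls from a primary.
    for proto in udp tcp; do
        $IPTABLES -A FORWARD -i "$INTRA" -o "$INTER" -p "$proto" \
            -s "$DNS_HOST" --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    done
    # Replies in both directions for connections the rules above admitted.
    $IPTABLES -A FORWARD -i "$INTRA" -o "$INTER" -s "$DNS_HOST" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A FORWARD -i "$INTER" -o "$INTRA" -d "$DNS_HOST" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Print the rule set in dry-run mode so it can be reviewed before applying.
dns_forward_rules
```

With IPTABLES unset the script only prints the commands; the nameserver itself should still limit which hosts may request transfers (e.g. BIND's allow-transfer), since the firewall rule alone admits TCP/53 from anywhere.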
