
Problems with IP tables firewall (DNS and what the heck is this WinME box doing)



Hello,

I upgraded my kernel to 2.4.5 yesterday and decided to switch from using a
very loose ipchains script that was really only for masquerading to a
fairly tight iptables setup.  As it stands, all my services are working but
DNS, but DNS works when I query localhost or the internal 192 IP (since
these are both basically wide open on their respective interfaces).  Here is
what I currently have in my tcp_packets table for port 53.
---
$IPTABLES -A tcp_packets -p TCP -s 0/0 --dport 53 -j allowed
---
and for UDP
---
$IPTABLES -A udpincoming_packets -p UDP -s 0/0 --source-port 53 -j ACCEPT
---
If anyone has a clue, please do lend it to me :)

My one other concern is that on my external interface one of the other
machines (a WinMe box) is hitting the broadcast IP of the external network
with UDP packets every few minutes, or seconds even, and causing my
logchecks to be mostly garbage, but before I filter out the noise I was
wondering if anyone had seen this before.

<snip>
Jun  6 08:07:20 twitch kernel: IPT INPUT packet died: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:xx:xx:xx:xx:xx:xx:xx:00 SRC=xx.xxx.xx.121
DST=xx.xxx.xx.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=6667 PROTO=UDP
SPT=138 DPT=138 LEN=209
</snip>

My Linux box is xx.xxx.xx.120.  Oh well, thanks for any advice/help.

Ehren
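
Added example, not part of the original post: a small triage script for kernel LOG lines in the format quoted above. It tallies dropped packets by source and destination port and labels link-layer-broadcast UDP to ports 137/138 (the NetBIOS name and datagram services) so that chatter can be told apart from other drops before a log filter is written. The sample lines, MAC values and addresses are constructed placeholders.

```python
import re
from collections import Counter

# Constructed sample lines in the netfilter LOG format shown in the post
# (documentation-range addresses and MACs, not the poster's real values).
SAMPLE = """\
Jun  6 08:07:20 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:5e:00:53:01:08:00 SRC=192.0.2.121 DST=192.0.2.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=6667 PROTO=UDP SPT=138 DPT=138 LEN=209
Jun  6 08:07:41 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:00:5e:00:53:01:08:00 SRC=192.0.2.121 DST=192.0.2.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=6668 PROTO=UDP SPT=137 DPT=137 LEN=58
Jun  6 08:09:02 twitch kernel: IPT INPUT packet died: IN=eth0 OUT= MAC=00:00:5e:00:53:02:00:00:5e:00:53:09:08:00 SRC=198.51.100.7 DST=192.0.2.120 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4011 DF PROTO=TCP SPT=40112 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S*)")
# IANA service names for the two NetBIOS UDP ports.
NETBIOS_UDP = {"137": "netbios-ns", "138": "netbios-dgm"}


def parse(line):
    """Return KEY=value fields; the first LEN (IP length) wins over the UDP LEN."""
    fields = {}
    for key, value in FIELD.findall(line):
        fields.setdefault(key, value)
    return fields


def classify(fields):
    """Label NetBIOS broadcast chatter; every other drop stays 'review'."""
    # The MAC field is destination MAC, source MAC, then EtherType.
    l2_broadcast = fields.get("MAC", "").lower().startswith("ff:ff:ff:ff:ff:ff")
    if fields.get("PROTO") == "UDP" and l2_broadcast and fields.get("DPT") in NETBIOS_UDP:
        return NETBIOS_UDP[fields["DPT"]]
    return "review"


def summarize(text):
    """Count drops per (source address, destination port, label)."""
    counts = Counter()
    for line in text.splitlines():
        if "kernel:" not in line or "SRC=" not in line:
            continue  # not a netfilter LOG line
        f = parse(line)
        counts[(f["SRC"], f.get("DPT", "-"), classify(f))] += 1
    return counts


if __name__ == "__main__":
    for (src, dpt, label), n in sorted(summarize(SAMPLE).items()):
        print(f"{n:3d}  {src:15s} dpt={dpt:5s} {label}")
```

Lines labelled "review" are the ones worth keeping in the logcheck output; the script expects each log entry on a single line, as syslog writes it, rather than wrapped as in the mail.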



