
Re: How do I configure iptables to allow DNS lookups?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Aug 06, 2003 at 11:02:42PM -0400, Malcolm Ferguson wrote:
> I'm trying to configure iptables as strictly as possible, however, I'm 
> having problems with DNS.  If I understand correctly how DNS works, the 
> client sends a UDP packet from a high number port to port 53 on the name 
> server.  The name server responds with a UDP packet back to that high 
> number port.  Is this correct?

Use stateful firewalling, it's easier.  I don't remember how to set it
up, and the machine I set it up on originally is packed up since I
became technically homeless on Saturday (but I do have a place to stay
and put my box up).

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Mjq4sClmdIs2Ki8RAkuTAJ9PobGh4q34md0odpvyl2LlwqyStwCeJBng
bYZfTmdPud9C1M7mnmfw10o=
=F/2J
-----END PGP SIGNATURE-----
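
The stateful setup suggested above, as an added example that is not part of the original message: a shell function that prints a default-deny client ruleset in iptables-restore format, allowing only loopback and DNS. The resolver address 192.0.2.53 used with it is a constructed placeholder, the function names are hypothetical, and a single-homed client host is assumed.

```shell
#!/bin/sh
# Added example: prints a strict, stateful client ruleset in iptables-restore
# format. Nothing is applied here. dns_ruleset and valid_ipv4 are hypothetical
# helper names.

# valid_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255,
# so nothing else can end up inside a rule line.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# dns_ruleset RESOLVER_IP: write the ruleset to stdout.
dns_ruleset() {
    resolver=$1
    valid_ipv4 "$resolver" || { echo "invalid resolver: $resolver" >&2; return 1; }
    cat <<EOF
*filter
# Default deny: only loopback and DNS are opened, add other services as needed.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Queries leave from a high port to port 53. TCP is allowed as well because
# resolvers retry over TCP when a UDP answer is truncated.
-A OUTPUT -p udp -d $resolver --dport 53 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -d $resolver --dport 53 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
# Answers are matched to the tracked query, so no rule has to open the high
# ports to every packet that claims source port 53.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}
```

Check the output with `dns_ruleset 192.0.2.53 | iptables-restore --test` before loading it. Kernels from the era of this thread use `-m state --state` in place of `-m conntrack --ctstate`.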


