
Re: How do I configure iptables to allow DNS lookups?



On Wed, Aug 06, 2003 at 10:23:59PM -0500, Jeremy Gaddis wrote:
> iptables -A INPUT -p udp -s <ip of first forwarder> --sport 53 --dport 53 \
>     -i <interface> -j ACCEPT
> iptables -A INPUT -p udp -s <ip of second forwarder> --sport 53 --dport 53 \
>     -i <interface> -j ACCEPT
> 
> and maybe a matching set with "-p tcp".

You shouldn't need the tcp, but you should s/INPUT/FORWARD since we're
talking about firewalling.

Input goes to (but not through) a host
Output comes from a host
Forward goes through (but not to) a host

Or, for a mnemonic, think beer, urine and sauerkraut for the three
rules, respectively, and yourself as the host.

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than fix a system
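The chain distinction described in the message above, as an added example that is not part of the original post: a simplified Python model of which filter-table chain a packet traverses, showing that an INPUT rule never sees a DNS reply routed through the firewall to a resolver behind it. The addresses, the LAN resolver at 10.0.0.53 and the names `chain_for` and `verdict` are assumptions made for illustration; NAT and loopback traffic are not modelled.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    sport: int
    dport: int

@dataclass(frozen=True)
class Rule:                       # an ACCEPT rule appended to one chain
    chain: str
    src: str
    proto: str
    sport: int
    dport: Optional[int] = None   # None matches any destination port

def chain_for(pkt, local_addrs):
    """Chain a packet traverses on the host that owns local_addrs."""
    if pkt.dst in local_addrs:
        return "INPUT"            # goes to (but not through) the host
    if pkt.src in local_addrs:
        return "OUTPUT"           # comes from the host
    return "FORWARD"              # goes through (but not to) the host

def verdict(pkt, rules, local_addrs, policy="DROP"):
    """Return (chain, verdict); only rules on the traversed chain can match."""
    chain = chain_for(pkt, local_addrs)
    for r in rules:
        if (r.chain, r.src, r.proto, r.sport) != (chain, pkt.src, pkt.proto, pkt.sport):
            continue
        if r.dport in (None, pkt.dport):
            return chain, "ACCEPT"
    return chain, policy

# Constructed sample data (documentation address ranges, not from the thread).
FIREWALL_ADDRS = {"192.0.2.1", "10.0.0.1"}
FORWARDER = "198.51.100.53"
REPLY_TO_LAN = Packet(FORWARDER, "10.0.0.53", "udp", 53, 53)
REPLY_TO_FIREWALL = Packet(FORWARDER, "192.0.2.1", "udp", 53, 53)
INPUT_RULE = Rule("INPUT", FORWARDER, "udp", 53, 53)
FORWARD_RULE = Rule("FORWARD", FORWARDER, "udp", 53, 53)

if __name__ == "__main__":
    for name, pkt in (("reply to LAN resolver", REPLY_TO_LAN),
                      ("reply to firewall", REPLY_TO_FIREWALL)):
        for rule in (INPUT_RULE, FORWARD_RULE):
            print(name, "|", rule.chain, "rule ->", verdict(pkt, [rule], FIREWALL_ADDRS))
```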


