[ILUG] iptables and DNS
John P. Looney
john at antefacto.com
Tue Jan 22 12:52:43 GMT 2002
On Tue, Jan 22, 2002 at 12:48:32PM +0000, Dave Hickey mentioned:
> I have a network with 2 DNS servers behind the firewall. The firewall is a
> 2.4.17 kernel on redhat 7.1 (all updates applied). Netfilter is built into the
> kernel.
>
> The rules on the firewall are set to allow forwarding of all UDP traffic from
> anywhere to anywhere. The INPUT, OUTPUT and FORWARD chains have default
> policies of accept.
>
> When I query the DNS for a zone that it is authoritative for I get an answer.
> If I query a zone that it is not authoritative for I get a time out after 2
> seconds. If I run the same query on the dns server I get an answer.
Let TCP in & out too. Some DNS requests are done with TCP.
Kate
--
_______________________________________
John Looney Chief Scientist
a n t e f a c t o t: +353 1 8586004
www.antefacto.com f: +353 1 8586014
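As an added illustration of the reply above (this is not code from the thread or from either poster), here is a set of netfilter rules that lets DNS through the FORWARD chain over both UDP and TCP, in both directions, for two internal DNS servers. The addresses 192.0.2.10 and 192.0.2.11 are assumptions standing in for the two servers; the rules are printed by a function so they can be reviewed before being applied with root privileges.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Assumed addresses of the two DNS servers behind the firewall:
DNS_SERVERS="192.0.2.10 192.0.2.11"

# Emit the iptables commands (one per line) without running them, so
# they can be inspected, diffed or piped into a shell later.
dns_rules() {
    # Replies to already-accepted queries, UDP and TCP alike, are matched
    # by connection tracking (ipt_state / ip_conntrack on a 2.4 kernel).
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for srv in $DNS_SERVERS; do
        for proto in udp tcp; do
            # Recursive lookups the internal server sends out to other nameservers.
            echo "iptables -A FORWARD -p $proto -s $srv --dport 53 -m state --state NEW -j ACCEPT"
            # Queries coming in for the zones this server is authoritative for.
            echo "iptables -A FORWARD -p $proto -d $srv --dport 53 -m state --state NEW -j ACCEPT"
        done
    done
}

# Number of rules that would be installed; handy for a sanity check.
dns_rule_count() {
    dns_rules | grep -c ACCEPT
}

# Actually install the rules (needs root); only runs when asked explicitly.
apply_dns_rules() {
    dns_rules | while read -r rule; do
        $rule
    done
}

# Run as "./dns-rules.sh apply" to install, any other way just to print.
if [ "${1:-}" = "apply" ]; then
    apply_dns_rules
fi
```

With default policies of ACCEPT on all three chains, the rules above are only restrictive once the policy is changed to DROP; until then they serve to make the UDP and TCP allowance explicit. A quick check that TCP actually gets through is `dig +tcp @192.0.2.10 somezone.example` from outside, and `tcpdump -n port 53` on the firewall shows whether the answer is returning or being lost.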