[CLUE-Tech] More firewalling questions...
Jeremiah Stanley
miah at miah.org
Thu Feb 15 15:19:21 MST 2001
I currently have a working firewall setup (I had to upgrade to a newer
kernel though, damn that RH distro!)

Everything that I need working works except for one thing. I cannot seem
to get queries out of BIND when the firewall is active. Here is what I
have for the DNS part of the firewall script:

    ipchains -A output -i $EXTERNAL_INTERFACE -p udp \
             -s $IPADDR $UNPRIVPORTS \
             -d $ANYWHERE 53 -j ACCEPT

    ipchains -A input -i $EXTERNAL_INTERFACE -p udp \
             -s $ANYWHERE 53 \
             -d $IPADDR $UNPRIVPORTS -j ACCEPT

    ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \
             -s $IPADDR $UNPRIVPORTS \
             -d $ANYWHERE 53 -j ACCEPT

    ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \
             -s $ANYWHERE 53 \
             -d $IPADDR $UNPRIVPORTS -j ACCEPT
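
Added example (not part of the original post or the poster's script): a small
Python model of the four rules above, for checking which DNS packets they
would accept. The $UNPRIVPORTS range (1024:65535) and all addresses are
assumptions; the interface match (-i) is not modelled.

```python
from dataclasses import dataclass

UNPRIV = (1024, 65535)   # assumed value of $UNPRIVPORTS (not shown in the post)
DNS = (53, 53)
IPADDR = "192.0.2.10"    # constructed stand-in for $IPADDR

@dataclass(frozen=True)
class Packet:
    chain: str           # "input" or "output"
    proto: str           # "udp" or "tcp"
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False    # True for a TCP connection request (SYN set, ACK clear)

# (chain, proto, local port range, remote port range, refuse_syn)
# The local side is the source on output and the destination on input.
RULES = [
    ("output", "udp", UNPRIV, DNS, False),
    ("input",  "udp", UNPRIV, DNS, False),
    ("output", "tcp", UNPRIV, DNS, False),
    ("input",  "tcp", UNPRIV, DNS, True),   # "! -y": only non-SYN packets
]

def in_range(port, rng):
    return rng[0] <= port <= rng[1]

def accepted(pkt):
    """Return True if any of the four DNS rules would ACCEPT the packet."""
    for chain, proto, local, remote, refuse_syn in RULES:
        if pkt.chain != chain or pkt.proto != proto:
            continue
        if chain == "output":
            local_ip, lport, rport = pkt.src, pkt.sport, pkt.dport
        else:
            local_ip, lport, rport = pkt.dst, pkt.dport, pkt.sport
        if local_ip != IPADDR:
            continue
        if not (in_range(lport, local) and in_range(rport, remote)):
            continue
        if refuse_syn and pkt.syn:
            continue
        return True
    return False  # not matched here; later rules or the chain policy decide
```

Feeding it the source and destination ports seen in a packet capture or in
the firewall's deny log shows whether a given packet falls outside these rules.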