The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Firewall ports for dnsonly?

Discussion in 'Security' started by JamesAB, Jan 11, 2010.

  1. JamesAB

    JamesAB Active Member

    Joined:
    Apr 12, 2003
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    New Hampshire
    I opened a support ticket, but cPanel support could only offer this link which doesn't really help:
    LinuxFAQ < 11_24/AllFAQ < TWiki

    I'm simply trying to determine the minimum firewall ports required for running cPanel's dnsonly. Is there anybody running dnsonly that could shed some light on this?

    Any help would be appreciated.

    Thanks,
    James
     
  2. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    For DNSOnly to operate it needs ports 2086 and 2087, minimum. Other ports, such as 25, are at your discretion.
     
  3. webcave

    webcave Member

    Joined:
    Jun 17, 2009
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    @cpanelkenneth - wouldn't you need the DNS port open as well 53 that's how i have it on my configuration.
     
  4. JamesAB

    JamesAB Active Member

    Joined:
    Apr 12, 2003
    Messages:
    44
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    New Hampshire
    So something like this might be the bare minimum?

    Code:
    TCP_IN = 53,2086,2087
    TCP_OUT = 53
    UDP_IN = 53
    UPD_OUT = 53,123
    Adding 22 (in/out) for SSH and 25 (out) so the server can send mail out would probably be a good idea for us.

    How about time synchronization? Does dnsonly use rdate on 37? Or do we need to setup NTP ourselves if we want to synchronize the server time?

    Thanks,
    James
     
Loading...

Share This Page