IPTables Question

Discussion in 'General Discussion' started by Diatone, Apr 22, 2004.

  1. Diatone

    Can anyone tell me why IPTables is blocking any queries sent to my DNS port (53)? It works fine when I turn off IPTables. Here is the config file:

    # Firewall configuration written by lokkit
    # Manual customization of this file is not recommended.
    # Note: ifup-post will punch the current nameservers through the
    # firewall; such entries will *not* be listed here.
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :RH-Lokkit-0-50-INPUT - [0:0]
    -A INPUT -j RH-Lokkit-0-50-INPUT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 110 --syn -j ACCEPT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 21 --syn -j ACCEPT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
    -A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 2049 --syn -j REJECT
    -A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT
    -A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 2049 -j REJECT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 6000:6009 --syn -j REJECT
    -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 7100 --syn -j REJECT
    COMMIT



    Any insight would be appreciated.

    Thanks
     
  2. laborspy

    Try this

    iptables -I INPUT -p udp --destination-port 53 -j ACCEPT
    iptables -I INPUT -p tcp --syn --destination-port 53 -j ACCEPT
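
Added example (not part of the original posts): a small Python first-match evaluator run over an abridged copy of the ruleset posted above. It shows which rule rejects a UDP query to port 53, and that an ACCEPT for that port only takes effect when it is evaluated before the jump into RH-Lokkit-0-50-INPUT. The evaluator models only the matches this ruleset uses; the interface name eth0 and the DNS_UDP rule are assumptions.

```python
# Abridged copy of the posted rules; the omitted lines do not match port 53.
POSTED = """\
-A INPUT -j RH-Lokkit-0-50-INPUT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
-A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 0:1023 --syn -j REJECT
-A RH-Lokkit-0-50-INPUT -p udp -m udp --dport 0:1023 -j REJECT
""".splitlines()
DNS_UDP = "-A INPUT -p udp --dport 53 -j ACCEPT"   # constructed ACCEPT rule
TERMINAL = {"ACCEPT", "REJECT", "DROP"}

def parse(line):
    t = line.split()
    rule = {"chain": t[1], "syn": "--syn" in t}
    for flag, key in (("-p", "proto"), ("-i", "iface"),
                      ("--dport", "dport"), ("-j", "target")):
        if flag in t:
            rule[key] = t[t.index(flag) + 1]
    return rule

def matches(rule, pkt):
    lo, _, hi = rule.get("dport", "0:65535").partition(":")
    return (rule.get("proto", pkt["proto"]) == pkt["proto"]
            and rule.get("iface", pkt["iface"]) == pkt["iface"]
            and (not rule["syn"] or pkt.get("syn", False))
            and int(lo) <= pkt["dport"] <= int(hi or lo))

def walk(rules, chain, pkt):
    for r in rules:
        if r["chain"] != chain or not matches(r, pkt):
            continue
        if r["target"] in TERMINAL:
            return r["target"]                   # first terminating match wins
        verdict = walk(rules, r["target"], pkt)  # jump into a user-defined chain
        if verdict:
            return verdict
    return None                                  # end of chain: return to caller

def verdict(lines, pkt):
    rules = [parse(l) for l in lines]
    return walk(rules, "INPUT", pkt) or "ACCEPT"   # :INPUT ACCEPT policy

query = {"proto": "udp", "dport": 53, "iface": "eth0"}   # eth0 is assumed
print(verdict(POSTED, query))              # rule order as posted
print(verdict(POSTED + [DNS_UDP], query))  # ACCEPT placed after the jump
print(verdict([DNS_UDP] + POSTED, query))  # ACCEPT placed before the jump
```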
     