Hi, I am kinda meddling around with the rc.firewall script.
1.) We have our own nameservice running.
$IPTABLES -A INPUT -i $EXTIF -p tcp --dport 53 -j TCPACCEPT
$IPTABLES -A INPUT -i $EXTIF -p udp --dport 53 -j ACCEPT
$IPTABLES -A OUTPUT -o $EXTIF -p tcp --sport 53 -j ACCEPT
$IPTABLES -A OUTPUT -o $EXTIF -p udp --sport 53 -j ACCEPT
I hoped that this would be covered by the above lines,
but with the firewall up nslookup doesn't work anymore and ssh becomes very slow (assuming having no nameservice, falling back to IP). I have the usual hosts.allow/deny thingies in. I also have IP address range filtering in, so I assume that's why it still lets me in even if the DNS goes AWOL.
If I have understood this right anyway, since I am new to firewalls.
How do I get DNS (named) working in iptables :/ besides the above lines?
2.) Next thing. Our ISP offers console login via ssh; funnily enough, this is now linked to /etc/log/warn like on a desktop system.
I.e. the output generated via firewall 23, as documented in the file, is now on the console. Fine for normal desktop systems, but I don't want it there.
fp=TCP:1 a=DROP IN=eth0 OUT= MAC=x SRC=x DST=xLEN=64 TOS=0x00 PREC=0x00 TTL=125 ID=22108 DF PROTO=TCP SPT=3984 DPT=135 WINDOW=16960 RES=0x00 SYN URGP=0
I run a non-desktop service. I have no idea how the ISP does this; I assume I have to ask. Or, and HOW can I allow ttSY0 access for ssh in the firewall and switch the warnings off? The access is twofold: first with an ISP-determined login that is then channeled to ttsy0.
Hope my comments weren't too newbie,
and if they are, please teach me.
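Added example, not from the original post or the rc.firewall script: a shell function that emits the DNS rules for a host that serves DNS and also has to resolve names itself. The posted rules only admit queries arriving at the nameserver; the server's own outbound queries to upstream servers and their replies need rules too, which is what makes nslookup fail and ssh stall on reverse lookups. `$IPTABLES` and `$EXTIF` are assumed as in the poster's script, `TCPACCEPT` is assumed to be a custom chain and replaced by plain `ACCEPT` here, and `IPTABLES` defaults to `echo iptables` so the rules are printed rather than applied.

```shell
# Added example, not the poster's or rc.firewall's own code.
# Emits the DNS rules for a host that runs its own nameserver AND must
# resolve names itself. EXTIF and IPTABLES are assumed to be set as in
# rc.firewall; IPTABLES defaults to "echo iptables" so the rules can be
# inspected without touching the live ruleset.
EXTIF="${EXTIF:-eth0}"
IPTABLES="${IPTABLES:-echo iptables}"

dns_rules() {
    # 1) Queries from the outside to our nameserver (what the post had).
    $IPTABLES -A INPUT  -i "$EXTIF" -p udp --dport 53 -j ACCEPT
    $IPTABLES -A INPUT  -i "$EXTIF" -p tcp --dport 53 -j ACCEPT
    # 2) The missing half: named (or the stub resolver) asking upstream
    #    servers. Without these, every lookup times out, so ssh waits
    #    on its reverse lookup until it gives up.
    $IPTABLES -A OUTPUT -o "$EXTIF" -p udp --dport 53 -j ACCEPT
    $IPTABLES -A OUTPUT -o "$EXTIF" -p tcp --dport 53 -j ACCEPT
    # 3) Replies in both directions. Matching on connection state is
    #    narrower than blanket "--sport 53" rules, which would admit any
    #    packet whose source port merely happens to be 53.
    $IPTABLES -A INPUT  -i "$EXTIF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A OUTPUT -o "$EXTIF" -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Self-check helper: how many emitted rules admit traffic to port 53
# (two inbound for the server role, two outbound for the resolver role).
count_dns_rules() {
    dns_rules | grep -c -- '--dport 53'
}
```

Run with `IPTABLES=iptables EXTIF=eth0 dns_rules` once the printed rules look right; they belong after the script's state and loopback rules, before its final DROP.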