Quote:
Originally Posted by billymayday
What addresses are you listening to in your bind config?
Perhaps post your config here. What distro are you using?
Port 53.
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:10025
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:imap
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Top of named.conf:
key "rndc-key" {
    algorithm hmac-md5;
    secret "xxx";
};
controls {
    inet 127.0.0.1 port 953
        allow { 127.0.0.1; } keys { "rndc-key"; };
};
logging {
    channel default_debug {
        file "/var/log/named.run";
        severity dynamic;
    };
};
options {
    query-source port 53;
    query-source-v6 port 53;
    listen-on port 53 { 127.0.0.1; }; #was 127.0.0.1
    listen-on-v6 port 53 { ::1; }; #was ::1
    directory "/var/named/";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    allow-query { any; }; #was localhost
    recursion no; #was yes
    allow-recursion { 127/8; 192.168/16; 10/8; 172.16/12; };
    query-source address * port 53;
    notify-source * port 53;
    transfer-source * port 53;
};
zone "." IN {
type hint;