Old 10-24-2004, 02:08 AM   #1
LQ Newbie
Registered: Oct 2004
Distribution: CentOS 3.3
Posts: 1

Rep: Reputation: 0
Question Problems with iptables and DNS/named Zone settings


I wouldn't consider myself a Linux noob (done lots of LAMP setups, especially compiling packages for the LAMP servers); however, I am definitely new to Linux networking setups.

I have a dev Linux server (CentOS 3.3, iptables 1.2.8, bind 9.2.4rc6, static IP) and a workstation (Windows XP, DHCP, behind a Linksys router).

I am trying to secure my server fairly well (found some suspicious SSH entries in logs) to deny certain ports like 22, but allow them unconditionally for my workstation (.100) and certain external IPs (production servers in data centres).

After a bit of hacking I believe I have found the problem, but am stumped on a solution. I am using gShield 2.8 to configure iptables. It has successfully blocked IP from SSH (and I assume all others) and has allowed IP, as configured with ./conf/client_hosts in gShield.

However, I also have in ./conf/client_hosts, and my hacking found out that the likely cause of the problem is that in ./gShield.rc, certain commands are sent as `host $ip_address`, and returning invalid results. This may not be the cause, but here's hoping.

Running host returns:

Host not found: 3(NXDOMAIN)

Here is the significant portion of my /etc/named.conf:

zone "" {
    type master;
    file "";
    allow-transfer { ; ; ; };
};

and the subsequent file:

$TTL 1d

@ 7d IN SOA (
2004102401 ; serial
28800 ; refresh
14400 ; retry
3600000 ; expiry
86400 ) ; minimum

@ 7d IN NS
@ 1d IN MX 10
@ 1d IN A
localhost 1d IN A
server 1d IN A
www 1d IN A
mail 1d IN A
winxp 1d IN A

I did a named-checkzone and it parses fine, and I did check to make sure that /etc/named.conf was actually loading the file (not chrooted or something else causing the problem).

iptables -L is big, I don't know if it's worth pasting it all but here's what I found that might be significant?

RESERVED all -- anywhere
ADMIN all -- anywhere (tried to setup IP as admin as well)

Anyway, I have no idea where to go from here, any help would be greatly appreciated! Thanks in advance for the help!

Old 10-24-2004, 03:13 AM   #2
Senior Member
Registered: Dec 2000
Location: Gothenburg, SWEDEN
Distribution: OpenSUSE 10.3
Posts: 1,028

Rep: Reputation: 45
Host not found: 3(NXDOMAIN)
Appears because you don't have a PTR resource record in your reverse lookup zone.
Have a look at
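The two points raised in this thread are that `host <ip>` does a reverse lookup, which returns NXDOMAIN when the in-addr.arpa zone has no PTR record for that address, and that a firewall script which pushes every client_hosts entry through `host` makes its allow rules depend on DNS. The following is an added example, not code from the thread or from gShield: it derives the PTR records a reverse zone would need from a forward zone in the same layout as the one posted above, and shows how to recognise entries that are IP literals and therefore need no lookup at all. The origin `example.com.`, the `192.0.2.0/24` addresses and all host names are constructed sample values, not the poster's.

```python
import ipaddress
import re

# Constructed sample forward zone, laid out like the one in the thread.
# The origin and the 192.0.2.0/24 addresses are assumptions for this example.
ORIGIN = "example.com."
FORWARD_ZONE = """\
$TTL 1d
@ 7d IN SOA ns1.example.com. hostmaster.example.com. (
2004102401 ; serial
28800 ; refresh
14400 ; retry
3600000 ; expiry
86400 ) ; minimum
@ 7d IN NS ns1.example.com.
@ 1d IN MX 10 mail.example.com.
@ 1d IN A 192.0.2.10
localhost 1d IN A 127.0.0.1
server 1d IN A 192.0.2.10
www 1d IN A 192.0.2.10
mail 1d IN A 192.0.2.11
winxp 1d IN A 192.0.2.100
"""

# name  ttl  IN  A  dotted-quad   (only this record shape is needed here)
A_RECORD = re.compile(r"^(\S+)\s+(\S+)\s+IN\s+A\s+(\d+\.\d+\.\d+\.\d+)\s*$")


def parse_a_records(zone_text, origin):
    """Return (fqdn, ttl, ip) for every A record in zone_text, expanding
    '@' and relative names against the zone origin."""
    records = []
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        m = A_RECORD.match(line)
        if not m:
            continue
        name, ttl, ip = m.groups()
        if name == "@":
            fqdn = origin
        elif name.endswith("."):
            fqdn = name
        else:
            fqdn = f"{name}.{origin}"
        records.append((fqdn, ttl, ip))
    return records


def reverse_name(ip):
    """192.0.2.10 -> 10.2.0.192.in-addr.arpa. (the owner name `host` asks for)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def build_ptr_records(zone_text, origin, network):
    """Generate the PTR records a reverse zone for `network` needs so that a
    reverse lookup of every address in the forward zone succeeds.  Addresses
    outside the network (e.g. 127.0.0.1) are skipped: they belong to another
    reverse zone.  An address conventionally has one PTR, so when several
    names share an address a host name is preferred over the zone apex."""
    net = ipaddress.ip_network(network)
    by_ip = {}
    for fqdn, ttl, ip in parse_a_records(zone_text, origin):
        if ipaddress.ip_address(ip) not in net:
            continue
        by_ip.setdefault(ip, []).append((fqdn, ttl))
    ptrs = []
    for ip in sorted(by_ip, key=ipaddress.ip_address):
        candidates = by_ip[ip]
        fqdn, ttl = next(((f, t) for f, t in candidates if f != origin), candidates[0])
        ptrs.append(f"{reverse_name(ip)} {ttl} IN PTR {fqdn}")
    return ptrs


def needs_dns_lookup(entry):
    """A client list may mix IP literals (or CIDR blocks) with host names.
    Only a host name needs a forward lookup; an IP literal should go into
    the rule as-is instead of through `host`, whose reverse lookup fails
    with NXDOMAIN whenever the address has no PTR record."""
    try:
        ipaddress.ip_network(entry, strict=False)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    for rr in build_ptr_records(FORWARD_ZONE, ORIGIN, "192.0.2.0/24"):
        print(rr)
    for entry in ("192.0.2.100", "10.0.0.0/8", "www.example.com"):
        print(entry, "-> needs lookup" if needs_dns_lookup(entry) else "-> use literally")
```

Running it prints the three PTR records for the sample zone (192.0.2.10 maps to server.example.com., not to the apex or to www) and classifies the two IP-style entries as usable without DNS. The practical point for the thread: an allow rule that depends on a reverse lookup silently disappears when the PTR is missing, so either populate the reverse zone or keep the firewall script from resolving addresses that are already literals.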
Old 10-24-2004, 05:27 AM   #3
Registered: Sep 2004
Posts: 312

Rep: Reputation: 30

Thanks, the link you gave above is helpful for me; I was looking for some sendmail docs. I will check it out. Do you have more links like that for different servers?
