Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I have installed a firewall on my server, and if I try to connect to my DNS I can't connect, even if I accept everything on port 53. Before installing the firewall my DNS was working OK.
I blocked all ports from 0 to 65535
and I opened ports
TCP 22, 25, 53, 80, 110, 3306
UDP 25, 53, 123, 1370, 3010
If you're running a DNS server behind the firewall, then you need ports 53 UDP and TCP open and forwarded to the DNS server. You also need to allow the responses back out.
Maybe you should clarify things a bit. Is "your DNS" on your own network (at home?), or is it someone else's server that is providing DNS for you (i.e. a web hosting company, or domain registrar)?
If your own machine is acting as a DNS server, where is it on your network? Could you describe how your network is set up (e.g. DSL goes into dual-homed box, running iptables, inside NIC is connected to switch, all boxes on switch have RFC1918 addresses and are being NAT'd by firewall, etc...).
DNS is a tricky protocol to let through firewalls; this has to do with the way clients and servers communicate. The tricky part is that different clients/servers do it a little differently.
This is a link to a site trying to describe the issue: http://homepages.tesco.net/~J.deBoyn...all-holes.html
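The replies above point at responses being dropped. As an added example (not from any poster, and not any real firewall's rule syntax), this toy model applies the port list from the question to constructed DNS traffic, first statelessly and then with reply tracking. It assumes the filter matches on destination port only and applies to both directions; the packet fields and sample ports are hypothetical.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction proto sport dport")

# Ports opened in the original post; matching on destination port only
# is an assumption about how the poster's firewall was configured.
OPEN = {"tcp": {22, 25, 53, 80, 110, 3306}, "udp": {25, 53, 123, 1370, 3010}}

def stateless_allow(pkt):
    """Pass a packet only if its destination port is in the opened list."""
    return pkt.dport in OPEN[pkt.proto]

class StatefulFilter:
    """Same port list, plus replies to flows that were already allowed."""
    def __init__(self):
        self.flows = set()

    def allow(self, pkt):
        # A reply travels the opposite way with source/destination swapped.
        reverse_dir = "out" if pkt.direction == "in" else "in"
        if (reverse_dir, pkt.proto, pkt.dport, pkt.sport) in self.flows:
            return True
        if stateless_allow(pkt):
            self.flows.add((pkt.direction, pkt.proto, pkt.sport, pkt.dport))
            return True
        return False

# Constructed sample traffic for a DNS server sitting behind the filter.
FLOWS = [
    ("client query in",    Packet("in",  "udp", 40000, 53)),
    ("server answer out",  Packet("out", "udp", 53, 40000)),
    ("server lookup out",  Packet("out", "udp", 50000, 53)),
    ("upstream answer in", Packet("in",  "udp", 53, 50000)),
    ("tcp query in",       Packet("in",  "tcp", 40001, 53)),
]

def evaluate(allow):
    """Run every sample packet, in order, through the given filter."""
    return {name: allow(pkt) for name, pkt in FLOWS}

if __name__ == "__main__":
    for name, ok in evaluate(stateless_allow).items():
        print("stateless", name, "PASS" if ok else "DROP")
    for name, ok in evaluate(StatefulFilter().allow).items():
        print("stateful ", name, "PASS" if ok else "DROP")
```

In the stateless run, both answers are dropped because their destination is a high port, which matches the symptom of DNS failing even with port 53 "open".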