DNS thru packet filtering Firewall

James Griffin agriffin at cpcug.org
Fri Jan 25 14:03:37 UTC 2002


Will S wrote:
> 
> Question:
> I have a primary and secondary DNS behind an ipchains firewall. In options I
> have defined query-source address * port 53. In my zone I have defined
> allow-transfer { IP };
> Things are not working as they should, as I can not successfully do forward
> lookups on remote servers.
> What have I missed?

Several things:

1. That this is a firewall problem, not a BIND one.
2. That iptables is a much better basis for building a firewall.
3. Not checking the newsgroup archive for this topic.
4. Not posting any of your ipchains rules relating to DNS queries and
replies so that folks could try to help.

Recommended reading: "Linux Firewalls" 2nd edition by Ziegler


> I am running bind 9.1.3 on Linux 7.2
> 
> Thanks,
> Will

