Re: Help with iptables rule for blocking UDP port 53

> Looks to me that you have a larger problem. Is this an rfc1918 address
> coming from the outside? You should be blocking ALL rfc1918 addresses from
> the Internet, as they are by definition an attack.

Hi Robert, thanks for the reply.  This is in fact what I am trying to
do.  We have a load-balancing device in front of this DNS server.  It
is configured so that all Internet traffic that comes through appears
to originate from 10.100.1.1.

> rfc1918 defines PRIVATE ipv4 addresses. These are not routed over the
> Internet. A packet with a source address in 'Net1' will never route out back
> to the sender. It is intended to attack (in some way) the destination.

Yep, these are internal DNS servers that were mis-configured by the
previous admin.  I'm trying to do some cleanup and make sure that they
are not available to the public internet.

What is confusing me is why my iptables rule is not working correctly.
tcpdump shows that the source is correct.  Any ideas?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
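Added example (not code from either poster). It works from the one fact the thread gives, that the load balancer rewrites every Internet client to source 10.100.1.1, and shows the two things a practitioner would check here: installing the port-53 DROP for that source so it sits ahead of any existing ACCEPT, and a check that reads "iptables -S INPUT" and reports when an earlier ACCEPT would consume the packet before the DROP is reached (the usual reason a rule that "looks right" and that tcpdump agrees with never fires). Assumptions that are mine, not the thread's: the daemon listens on UDP and TCP 53, the rules live in the filter table's INPUT chain, and iptables is on the PATH. One caveat on the blanket "drop all RFC1918 from the Internet" advice: it belongs on the load balancer's outside interface. On the DNS host behind a SNATing balancer every packet, Internet and internal alike, already carries a private source, so a host-level RFC1918 drop would have to be as narrow as the one below.

```shell
#!/bin/sh
# Added example for this thread, not code from the original post.
# From the post: the DNS host sits behind a load balancer that rewrites every
# Internet client to source 10.100.1.1, and the goal is to stop those clients
# from querying.  Assumptions (mine): the daemon listens on UDP and TCP 53,
# the rules live in the filter table's INPUT chain, iptables is on the PATH.
# Set IPT="echo iptables" to preview the commands without root.
set -u

LB_SNAT=10.100.1.1            # from the post: SNAT source used by the LB
IPT="${IPT:-iptables}"

# Install the block.  "-I INPUT 1" puts each rule at the TOP of the chain.
# "-A" would append it below any existing "--dport 53 -j ACCEPT", and because
# the first matching rule wins, an appended DROP never sees a packet.
# The LOG rule is inserted last so it ends up first; it gives a syslog record
# to compare against what tcpdump shows on the wire.
block_lb_dns() {
    $IPT -I INPUT 1 -s "$LB_SNAT" -p tcp --dport 53 -j DROP
    $IPT -I INPUT 1 -s "$LB_SNAT" -p udp --dport 53 -j DROP
    $IPT -I INPUT 1 -s "$LB_SNAT" -p udp --dport 53 \
         -m limit --limit 5/min -j LOG --log-prefix "DNS-from-LB: "
}

# Check whether the DROP can ever fire.  Reads "iptables -S INPUT" output on
# stdin (one rule per line, in kernel order) and stops at the first of: our
# DROP (exit 0) or an ACCEPT that would consume a new port-53 packet before
# it (prints the offending rule, exit 1).  Deliberately narrow: it flags
# ACCEPTs that name --dport 53 or that have no match at all; a broad
# "-s 10.0.0.0/8 -j ACCEPT" ahead of the DROP still has to be read by eye.
# A "--state RELATED,ESTABLISHED -j ACCEPT" is not flagged: a fresh query is
# a NEW flow and does not match it.
drop_is_effective() {
    awk -v lb="$LB_SNAT" '
        /^-P/ { next }                           # policy line, not a rule
        { n++ }
        index($0, "-s " lb "/32 ") && /--dport 53/ && /-j DROP/ {
            found = 1; exit
        }
        /-j ACCEPT/ && (/--dport 53/ || $0 == "-A INPUT -j ACCEPT") {
            print "rule " n " shadows the DROP: " $0; shadow = 1; exit
        }
        END {
            if (found) exit 0
            if (!shadow) print "no DROP for " lb " port 53 in INPUT"
            exit 1
        }'
}

# Usage: sh block-lb-dns.sh apply   (install the rules, needs root)
#        sh block-lb-dns.sh check   (diagnose the live chain)
# "iptables -L INPUT -n -v --line-numbers" shows per-rule packet counters,
# which tell you directly whether a rule is being hit at all.
case "${1:-}" in
    apply) block_lb_dns ;;
    check) $IPT -S INPUT | drop_is_effective ;;
esac
```

Run "check" first: if it names a shadowing ACCEPT, that rule, not the DROP, is what needs moving, and the -v packet counters will show the ACCEPT's count climbing while the DROP's stays at zero.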
