Sean Carolan wrote:
I would like to block all DNS queries that come from one particular ip address. I used TCPdump to verify that the queries were in fact, coming from this IP: [scarolan@server:~]$ sudo tcpdump -n udp port 53 and src 10.100.1.1 tcpdump: listening on eth0 11:12:17.162100 10.100.1.1.19233 > 10.100.1.61.domain: 14270+ A? server.domain.com. (32) (DF) Could someone help with the proper syntax for an IPtables rule to block port 53 udp traffic from this IP? I tried this rule but it doesn't work: -A RH-Firewall-1-INPUT -s 10.100.1.1 -m udp -p udp --dport 53 -j REJECT
Strange...your rule seems ok to me. Try with DROP instead of REJECT ? _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos