RE: thoughts on a newbie tutorial i'll be giving shortly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "'iptables mailing list'" <netfilter@xxxxxxxxxxxxxxxxxxx>
Subject: RE: thoughts on a newbie tutorial i'll be giving shortly
From: "Rob Sterenborg" <rob@xxxxxxxxxxxxxxx>
Date: Thu, 30 Oct 2003 14:14:36 +0100
In-reply-to: <FDB52A0429DFD31196FB0008C7D972D50EA57905@OST_EXCH_USR5>
Sender: netfilter-admin@xxxxxxxxxxxxxxxxxxx
Thread-index: AcOe5P4jgri0AZXRRtWfcDm7C6lTGgAAl2WA

> Just my 0.02, if it's worth that much considering I cant even 
> get DNS lookups from my fw working.....

You have probably set policy to DROP for the OUTPUT chain.
iptables -A OUTPUT -p udp --dport 53 [-d ip_dns] -j ACCEPT
Some would say to also do this for the tcp proto, but this should work.


Gr,
Rob

Follow-Ups:
- RE: thoughts on a newbie tutorial i'll be giving shortly
  - From: Robert P. J. Day

References:
- RE: thoughts on a newbie tutorial i'll be giving shortly
  - From: Knight, Steve

Prev by Date: RE: thoughts on a newbie tutorial i'll be giving shortly
Next by Date: RE: thoughts on a newbie tutorial i'll be giving shortly
Previous by thread: RE: thoughts on a newbie tutorial i'll be giving shortly
Next by thread: RE: thoughts on a newbie tutorial i'll be giving shortly
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux