Re: firewalled dns clients

On November 6, 2003 10:49 pm, Fritz Mesedilla wrote:
> Greetings!
> Thanks to all of your help I was able to create a safe network behind an
> iptables firewall. Now I need help again.
> How do I let the workstations do an nslookup?
>
>           Internet
>
>
>           Firewall
>
>
>     -------------------------------
>
>
> workstation    workstation    workstation
>
>
>
>
> From their Windows workstation, I want to be able to let them perform an
> nslookup.
>
> I tried this and nothing happened.
> $IPTABLES -A INPUT -p tcp --sport 53 -j ACCEPT
> even a
> $IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT
>
> Do I need a nat?
>
	You may need to include UDP port 53 access for the clients.
	Is your DNS server on the iptables firewall box?
	If not, the above rules aren't gonna help.
	You need to allow 53 to the DNS server -- if you are using external DNS you
need to allow the ports through the FORWARD chain.
>
> Cheers,
>
>
> fritz <www.mesedilla.com>
> ---
> + Basta Ikaw Lord
>
>
> Overture Media, Inc.
> Direct Line: (632) 635-4785
> Trunkline:   (632) 631-8971 Local 146
> Fax: (632) 637-2206
> Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave.,
> Quezon City 1100

-- 

	Alistair Tonner
	nerdnet.ca
	Senior Systems Analyst - RSS
	
     Any sufficiently advanced technology will have the appearance of magic.
	Lets get magical!
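
The two cases from the reply above (resolver on the firewall box versus an external resolver reached through the FORWARD chain), as an added example that is not part of the original thread. The interface names, the LAN subnet, the sample resolver address and the dns_rules helper are assumptions; the script only prints the rules so they can be reviewed first.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules that let LAN clients do DNS.
# Assumptions, none from the thread: eth1 = LAN side, eth0 = Internet side,
# 192.168.1.0/24 = workstation subnet, 203.0.113.53 = sample external resolver.
IPTABLES="${IPTABLES:-iptables}"
LAN_IF="${LAN_IF:-eth1}"
WAN_IF="${WAN_IF:-eth0}"
LAN_NET="${LAN_NET:-192.168.1.0/24}"

# dns_rules local          resolver runs on the firewall box (INPUT/OUTPUT)
# dns_rules external <ip>  resolver is beyond the firewall (FORWARD)
dns_rules() {
    mode="$1"
    dns_ip="$2"
    case "$mode" in
    local)
        # DNS uses UDP for most lookups and TCP for large answers: allow both.
        for proto in udp tcp; do
            echo "$IPTABLES -A INPUT -i $LAN_IF -s $LAN_NET -p $proto --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT"
            echo "$IPTABLES -A OUTPUT -o $LAN_IF -d $LAN_NET -p $proto --sport 53 -m state --state ESTABLISHED -j ACCEPT"
        done
        ;;
    external)
        if [ -z "$dns_ip" ]; then
            echo "dns_rules: external mode needs the resolver address" >&2
            return 1
        fi
        for proto in udp tcp; do
            # Query: workstation -> resolver crosses the box, so FORWARD, not INPUT.
            echo "$IPTABLES -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -d $dns_ip -p $proto --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT"
            # Reply: only packets belonging to a query already seen.
            echo "$IPTABLES -A FORWARD -i $WAN_IF -o $LAN_IF -s $dns_ip -d $LAN_NET -p $proto --sport 53 -m state --state ESTABLISHED -j ACCEPT"
        done
        # Assumption: workstations use private addresses, so the source must be
        # rewritten on the way out. NAT does not bypass the FORWARD rules above.
        echo "$IPTABLES -t nat -A POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE"
        ;;
    *)
        echo "usage: dns_rules local | external <resolver-ip>" >&2
        return 2
        ;;
    esac
}

# Print rules when run with arguments, e.g.: sh dns-rules.sh external 203.0.113.53
if [ "$#" -gt 0 ]; then dns_rules "$@"; fi
```

Forwarding between the interfaces also requires net.ipv4.ip_forward to be set to 1 on the firewall.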

