RE: firewalled dns clients

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



No I don't have a dns server. I want them to be able to access the isp's dns.

I guess I have to forward them.

Thanks.

Cheers,


fritz <www.mesedilla.com>
---
+ Basta Ikaw Lord



> -----Original Message-----
> From: Alistair Tonner [mailto:Alistair@xxxxxxxxxx]
> Sent: Friday, November 07, 2003 12:46 PM
> To: Fritz Mesedilla; Netfilter Mailing List (E-mail)
> Subject: Re: firewalled dns clients
> 
> 
> On November 6, 2003 10:49 pm, Fritz Mesedilla wrote:
> > Greetings!
> > Thank to all of your help I was able to create a safe 
> network behind an
> > iptables firewall. Now I need help again.
> > How do I let the workstations do a nslookup?
> >
> >           Internet
> >
> >
> >           Firewall
> >
> >
> >     -------------------------------
> >
> >
> > workstation    workstation    workstation
> >
> >
> >
> >
> > From their windows workstation, I want to be able to let 
> them perform a
> > nslookup.
> >
> > I tried this and nothing happened.
> > $IPTABLES -A INPUT -p tcp --sport 53 -j ACCEPT
> > even a
> > $IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT
> >
> > Do I need a nat?
> >
> 	You may need to include upd port 53 access for the clients.
> 	is your DNS server on the iptables firewall box? 
> 	if not the above rules aren't gonna help.
> 	you need to allow 53 to the DNS server -- if you are 
> using external DNS you 
> need to allow the ports through the FORWARD chain.
> >
> > Cheers,
> >
> >
> > fritz <www.mesedilla.com>
> > ---
> > + Basta Ikaw Lord
> >
> >
> > 
> ----------------------------------------------------------------------
> > This email and any files transmitted with it are confidential and
> > intended solely for the use of the individual or entity to whom they
> > are addressed. If you have received this email in error 
> please notify
> > the sender immediately by e-mail and delete this e-mail from your
> > system. Please note that any views or opinions presented in this
> > email are solely those of the author and do not necessarily 
> represent
> > those of the company. Finally, the recipient should check this email
> > and any attachments for the presence of viruses. The company accepts
> > no liability for any damage caused by any virus transmitted by this
> > email.
> >
> > Overture Media, Inc.
> > Direct Line: (632) 635-4785
> > Trunkline:   (632) 631-8971 Local 146
> > Fax: (632) 637-2206
> > Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. 
> Ortigas Ave.,
> > Quezon City 1100
> 
> -- 
> 
> 	Alistair Tonner
> 	nerdnet.ca
> 	Senior Systems Analyst - RSS
> 	
>      Any sufficiently advanced technology will have the 
> appearance of magic.
> 	Lets get magical!
> 

----------------------------------------------------------------------
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the sender immediately by e-mail and delete this e-mail from your
system. Please note that any views or opinions presented in this
email are solely those of the author and do not necessarily represent
those of the company. Finally, the recipient should check this email
and any attachments for the presence of viruses. The company accepts
no liability for any damage caused by any virus transmitted by this
email. 

Overture Media, Inc.
Direct Line: (632) 635-4785
Trunkline:   (632) 631-8971 Local 146
Fax: (632) 637-2206
Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave., Quezon City 1100




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux