[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Ipchains and dns

Subject: [cobalt-security] Ipchains and dns
From: "Robbert Hamburg \(HaVa Web- & Procesdesign\)" <user@xxxxxxx>
Date: Wed, 16 Apr 2003 19:29:33 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

# DNS Server (persistant connections)
/sbin/ipchains -A input -s 0/0 -d 0/0 53 -p tcp -y -j ACCEPT

# allow dns - standard
/sbin/ipchains -A input -p udp -s 0/0 -d 0/0 53 -j ACCEPT

Running the above in a firewall script makes it impossible to use that dns
server.....

what do i need to do to make it for everyone possible to use the dns(for
users), but also allow zone transfers.

Someone willing to share an example. Cause I'm out in the blue here....

Robbert


-- 
This message has been scanned for viruses and
dangerous content by HaVa.nl MailScanner, and is
believed to be clean.

Follow-Ups:
- Re: [cobalt-security] Ipchains and dns
  - From: E.B. Dreger
- Re: [cobalt-security] Ipchains and dns
  - From: Michael Stauber
- Re: [cobalt-security] Ipchains and dns - my firewall.
  - From: Lance Rushing

References:
- blocking spam (Re: [cobalt-security] VRFY root [rejected])
  - From: E.B. Dreger

Prev by Date: Re: blocking spam (Re: [cobalt-security] VRFY root [rejected])
Next by Date: [cobalt-security] Looking for a writer
Previous by thread: [cobalt-security] Looking for a writer
Next by thread: Re: [cobalt-security] Ipchains and dns

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index