Thread: iptables question
I'm running bind9 on the NAT box to do DNS and I've been trying to make a rule that stops the DNS server being seen from the internet.
On the NAT box the NICs are as follows:
windows box eth0
debian box eth2
My attempt to achieve this is this:
iptables -A INPUT -i eth1 -p tcp --dport 53 -j DROP
PORT STATE SERVICE
53/tcp open domain
What am I doing wrong good people ???
From where do you scan the ports? The command you've issued blocks only connections coming from the internet. By the way, don't forget to block 53/udp as well -- most queries are done using UDP.
I'm scanning from a friend's computer over the internet.
I'll add a rule for UDP later. Thanks for reminding me.
And in what order do you apply the rules? Try
iptables -I INPUT 1 -i eth1 -p tcp --dport 53 -j DROP
to let the rule apply as first, before others.
I would just do...
iptables -A INPUT -p tcp --dport 53 -j DROP
iptables -A INPUT -p udp --dport 53 -j DROP
serzsite.com.ar
"All the drugs in this world won\'t save you from yourself"
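The two points raised in the replies above (the rule must come before any earlier ACCEPT in the INPUT chain, and 53/udp needs the same treatment as 53/tcp) can be combined into one idempotent script. This is an added example, not code posted in the thread; it assumes the internet-facing interface is eth1, as in the original poster's rule, and the function names are my own. The rules are generated as text first so the result can be inspected (or tested) without root, then fed to a shell to apply them.

```shell
# Added example (not from the thread): generate, and optionally apply, the
# INPUT rules that hide a DNS server from the internet-facing interface.
# The WAN interface name (eth1 here) is an assumption taken from the
# original poster's rule; the function names below are hypothetical.

# Print the rule specifications that must be present, one per line.
# Both protocols are covered because most DNS queries travel over UDP.
dns_drop_rulespecs() {
    wan_if="$1"
    for proto in udp tcp; do
        printf 'INPUT -i %s -p %s --dport 53 -j DROP\n' "$wan_if" "$proto"
    done
}

# Emit the commands to run. Each rule is first checked with -C so that a
# re-run does not add duplicates, and is inserted at position 1 with -I so
# that it matches before any ACCEPT rule already in the chain. The -A in the
# original post appends to the end, where an earlier ACCEPT may win first.
dns_drop_commands() {
    wan_if="$1"
    dns_drop_rulespecs "$wan_if" | while IFS= read -r spec; do
        chain="${spec%% *}"
        rule="${spec#* }"
        printf 'iptables -C %s %s 2>/dev/null || iptables -I %s 1 %s\n' \
            "$chain" "$rule" "$chain" "$rule"
    done
}

# Apply the commands through an executor: "sh" (default, needs root) runs
# them, "cat" just prints them for a dry run, e.g.  apply_dns_drop eth1 cat
apply_dns_drop() {
    wan_if="$1"
    runner="${2:-sh}"
    dns_drop_commands "$wan_if" | "$runner"
}

# Verification hints, run as root on the NAT box after applying:
#   iptables -L INPUT -n -v --line-numbers   # the DROP rules sit at lines 1 and 2;
#                                            # their packet counters rise on a scan
#   ss -lnup 'sport = :53'                   # (or netstat -lnup) shows where named listens
```

Because the rules key on the incoming interface, clients on the LAN interfaces still reach the resolver. The filter only hides the listener; if the server is meant to serve the LAN alone, also restricting what named binds to (the `listen-on` option in named.conf) removes the exposure at the source rather than in front of it.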
12-20-2005 #6
Originally Posted by serz