Re: Iptables Problem on DNS Server

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Joe de Vera Jr." <jhoedv@we-amuse.com>
To: netfilter@lists.samba.org
Subject: Re: Iptables Problem on DNS Server
Date: Sat, 22 Jun 2002 21:01:26 -0700	[thread overview]
Message-ID: <001201c21a6a$a6f45080$6500a8c0@systemsadmin> (raw)
In-Reply-To: 20020622003205.C81D44808@lists.samba.org

here's my ruleset in my machine... seen anything wrong or lacking here?

just to remind you guys my problem is that.. when my firewall is running my
DNS don't work... thanks!

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          state
RELATED,ESTABLISHED
ACCEPT     tcp  --  216.138.0.0/16       0.0.0.0/0          tcp dpt:21
ACCEPT     tcp  --  216.138.0.0/16       0.0.0.0/0          tcp dpt:22
ACCEPT     tcp  --  216.138.0.0/16       0.0.0.0/0          tcp dpt:110
ACCEPT     tcp  --  216.208.0.0/16       0.0.0.0/0          tcp dpt:21
ACCEPT     tcp  --  216.208.0.0/16       0.0.0.0/0          tcp dpt:22
ACCEPT     tcp  --  216.208.0.0/16       0.0.0.0/0          tcp dpt:110
ACCEPT     tcp  --  196.40.0.0/16        0.0.0.0/0          tcp dpt:21
ACCEPT     tcp  --  196.40.0.0/16        0.0.0.0/0          tcp dpt:22
ACCEPT     tcp  --  196.40.0.0/16        0.0.0.0/0          tcp dpt:110
ACCEPT     tcp  --  203.87.0.0/16        0.0.0.0/0          tcp dpt:21
ACCEPT     tcp  --  203.87.0.0/16        0.0.0.0/0          tcp dpt:22
ACCEPT     tcp  --  203.87.0.0/16        0.0.0.0/0          tcp dpt:110
ACCEPT     tcp  --  24.100.0.0/16        0.0.0.0/0          tcp dpt:21
ACCEPT     tcp  --  24.100.0.0/16        0.0.0.0/0          tcp dpt:22
ACCEPT     tcp  --  24.100.0.0/16        0.0.0.0/0          tcp dpt:110
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:21
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:22
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:110
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:80 state
NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:21 state
NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:25 state
NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:22 state
NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:53 state
NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:3306
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:110
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:1127
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:2047
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:5012
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:6563
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:6564
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:7012
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:7017
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:7019
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:7021
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:8000
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:8007
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:8010
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:8080
state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0          tcp dpt:10000
state NEW
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0          reject-with
tcp-reset
REJECT     udp  --  0.0.0.0/0            0.0.0.0/0          reject-with
icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

next      parent reply	other threads:[~2002-06-23  4:01 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20020622003205.C81D44808@lists.samba.org>
2002-06-23  4:01 ` Joe de Vera Jr. [this message]
2002-06-22 13:06   ` Iptables Problem on DNS Server Antony Stone
     [not found] <20020622173606.02EE74692@lists.samba.org>
2002-06-23  9:26 ` Joe de Vera Jr.
2002-06-22 18:32   ` Antony Stone
     [not found] <20020622131306.987A9444F@lists.samba.org>
2002-06-23  4:36 ` Joe de Vera Jr.
2002-06-22 13:39   ` Antony Stone
2002-06-22  8:17 Joe de Vera Jr.
2002-06-21 17:20 ` Ramin Alidousti
2002-06-21 17:23   ` Nick Drage
2002-06-21 17:27 ` Antony Stone
  -- strict thread matches above, loose matches on Subject: below --
2002-06-22  5:29 Iptables problem " Joe de Vera Jr.
2002-06-21 14:31 ` Antony Stone
2002-06-21 14:46 ` Maciej Soltysiak

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='001201c21a6a$a6f45080$6500a8c0@systemsadmin' \
    --to=jhoedv@we-amuse.com \
    --cc=netfilter@lists.samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.