
Re: Opening port 53



Roger Harrell wrote:
 > So I removed these rules and tried: iptables -I INPUT 1 -p udp -s
 > 0.0.0.0/0 -d 0.0.0.0/0 --dport 53 -j ACCEPT
 >
 > Why?  Do you want to prevent outside DNS resolution for your system?
 > You would only open destination port 53 if YOU are a DNS server.  You
 >  must open SOURCE port 53 to allow other machines to do DNS for you.
 > The original rules do that for the two servers listed.

Yes, I am a DNS server, and do not want incoming queries to reroute.

 >
 > Which gives:
 >
 > iptables v1.2.7a: Couldn't load target
 > `accept':/lib/iptables/libipt_accept.so: cannot open shared object
 > file: No such file or directory
 >
 > I don't know about that.  I think you've mistyped it.  ACCEPT is
 > built into iptables.  Are you sure you didn't type "-j accept"?   It
 > must be capitalized.

*blush*. That must have been what I did. The commands work. The DNS server is working properly now! Thanks sooo much for your help.

No problem, Roger.


"That's what we're here for!" (c) 2004, the Red Hat Install List ;-)



--
----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens vitalstream com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-     If Bill Gates got a dime for every time Windows crashes...     -
-              ...oh, wait.  He does.  THAT explains it!             -
----------------------------------------------------------------------
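
Added example, not part of the original message or of iptables itself: a small shell check for the "-j accept" mistake discussed above. iptables handles only its built-in verdicts itself and looks up any other target name as an extension library, which is where the libipt_accept.so error comes from. The function names are hypothetical, and the check assumes no user-defined chain is named like a lower-case verdict.

```shell
#!/bin/sh
# Constructed example: flag iptables commands whose -j target is a built-in
# verdict written in the wrong case (the "-j accept" mistake from the thread).

# Built-in verdicts handled by iptables itself; any other name is treated as
# an extension target and looked up as a shared object (libipt_<name>.so).
BUILTIN_TARGETS="ACCEPT DROP QUEUE RETURN"

# jump_target ARGS... : print the word following -j/--jump, if there is one.
jump_target() {
    prev=""
    for word in "$@"; do
        case "$prev" in
            -j|--jump) printf '%s\n' "$word"; return 0 ;;
        esac
        prev=$word
    done
    return 1
}

# check_rule ARGS... : 0 = target fine, 1 = built-in in wrong case, 2 = no -j.
check_rule() {
    target=$(jump_target "$@") || { echo "no -j target"; return 2; }
    upper=$(printf '%s' "$target" | tr '[:lower:]' '[:upper:]')
    for verdict in $BUILTIN_TARGETS; do
        if [ "$upper" = "$verdict" ] && [ "$target" != "$verdict" ]; then
            echo "'-j $target' should be '-j $verdict'"
            return 1
        fi
    done
    echo "ok: -j $target"
    return 0
}

# The rule quoted in the thread, as mistyped and as corrected.
check_rule iptables -I INPUT 1 -p udp -s 0.0.0.0/0 -d 0.0.0.0/0 --dport 53 -j accept || true
check_rule iptables -I INPUT 1 -p udp -s 0.0.0.0/0 -d 0.0.0.0/0 --dport 53 -j ACCEPT || true
```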



