   iptables blocks dns

 

      agriz
When I stop iptables

nslookup site.com


Server: dns ip
Address: dns ip#53

Non-authoritative answer:
Name: site.com
Address: ipaddress

When I start iptables,

;; connection timed out; no servers could be reached

Why does iptables block DNS?


iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT


iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

iptables -I INPUT 1 -i lo -j ACCEPT
iptables -I OUTPUT 1 -o lo -j ACCEPT

# ssh
iptables -A INPUT -i eth0 -p tcp --dport 1234 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 1234 -m state --state ESTABLISHED -j ACCEPT

iptables -A INPUT -i eth0 -p icmp --icmp-type echo-request -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o eth0 -p icmp --icmp-type echo-reply -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A INPUT -i eth0 -p icmp --icmp-type echo-reply -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -o eth0 -p icmp --icmp-type echo-request -m state --state ESTABLISHED,RELATED -j ACCEPT


iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT


iptables -A OUTPUT -p udp -o eth0 --dport 53 --sport 1024:65535 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --sport 53 --dport 1024:65535 -j ACCEPT

iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT


This is what I entered in iptables.
Posted on: 2011/12/8 19:04
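
Added example, not part of the original post or thread: a simplified Python model that walks a DNS reply through the posted INPUT chain in first-match order and reports which rule, if any, accepts it. The packet fields, the `eth1` interface and the `INVALID` state cases are constructed assumptions, and real iptables matching has more dimensions than this model covers.

```python
# Simplified first-match model of the INPUT chain from the post (added example).
# Assumption: only interface, protocol, ports, ICMP type and conntrack state are modelled.
POLICY = "DROP"  # iptables -P INPUT DROP

# Effective order: "-I INPUT 1 -i lo" lands ahead of the appended rules.
INPUT_CHAIN = [
    {"in": "lo"},
    {"state": {"ESTABLISHED", "RELATED"}},
    {"in": "eth0", "proto": "tcp", "dport": (1234, 1234), "state": {"NEW", "ESTABLISHED"}},
    {"in": "eth0", "proto": "icmp", "type": "echo-request", "state": {"NEW", "ESTABLISHED", "RELATED"}},
    {"in": "eth0", "proto": "icmp", "type": "echo-reply", "state": {"NEW", "ESTABLISHED", "RELATED"}},
    {"in": "eth0", "proto": "tcp", "dport": (80, 80), "state": {"NEW", "ESTABLISHED"}},
    {"in": "eth0", "proto": "tcp", "dport": (443, 443), "state": {"NEW", "ESTABLISHED"}},
    {"in": "eth0", "proto": "udp", "sport": (53, 53), "dport": (1024, 65535)},
    {"proto": "tcp", "dport": (25, 25), "state": {"NEW"}},
]

def matches(rule, pkt):
    """True when every condition in the rule holds for the packet."""
    for key, want in rule.items():
        have = pkt.get(key)
        if key in ("sport", "dport"):
            if have is None or not want[0] <= have <= want[1]:
                return False
        elif key == "state":
            if have not in want:
                return False
        elif have != want:
            return False
    return True

def verdict(pkt):
    """Return (rule number, target) of the first match, or (None, policy)."""
    for num, rule in enumerate(INPUT_CHAIN, start=1):
        if matches(rule, pkt):
            return num, "ACCEPT"
    return None, POLICY

def dns_reply(iface="eth0", proto="udp", state="ESTABLISHED"):
    """Constructed packet: a reply from port 53 to a high client port."""
    return {"in": iface, "proto": proto, "sport": 53, "dport": 40000, "state": state}

if __name__ == "__main__":
    print(verdict(dns_reply()))                                # tracked reply
    print(verdict(dns_reply(state="INVALID")))                 # untracked, eth0
    print(verdict(dns_reply(iface="eth1", state="INVALID")))   # untracked, other NIC (hypothetical)
    print(verdict(dns_reply(proto="tcp", state="INVALID")))    # untracked TCP reply
```

On a live host, the per-rule packet counters from `iptables -L INPUT -n -v --line-numbers` show the same thing empirically: which rule numbers actually increment while the lookup runs.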