[CentOS] BIND issues, server not responding
Michel van Deventer
michel at van.deventer.cx
Thu Aug 23 14:03:14 UTC 2007
From what I see you have iptables 'in the way'.
Try to add the following rule to iptables and then try again :)
iptables -I RH-Firewall-1-INPUT -j ACCEPT -p udp --dport 53
If you like to have zone transfers or large queries done as well then you also
need to open a port for tcp/53
iptables -I RH-Firewall-1-INPUT -j ACCEPT -p tcp --dport 53
(to make the changes permanent do a 'service iptables save' after adding the
lines)
Regards,
Michel
On Thu, 23 Aug 2007 08:28:05 -0400, Ray Leventhal wrote
> Feizhou wrote:
> > Hello Ray,
> >
> >> Appears to be listening how I expected it to be, unless I'm not reading
> >> this right.
> >
> > Running 'dig www.swhi.net @64.135.16.15'
> >
> > ; <<>> DiG 9.2.4 <<>> www.swhi.net @64.135.16.15
> > ; (1 server found)
> > ;; global options: printcmd
> > ;; connection timed out; no servers could be reached
> >
> > Robert suggested looking at your firewall. What rules do you have
> > related to port 53 udp?
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> Hi Feizhou,
>
> As I'm not at all expert in my understanding of iptables I can't say
> definitely that there are any rules on port 53 udp but, here's the
> output of /sbin/iptables -L:
>
> [root@sunspot ray]# /sbin/iptables -L
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- anywhere anywhere
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> RH-Firewall-1-INPUT all -- anywhere anywhere
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain RH-Firewall-1-INPUT (2 references)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere
> ACCEPT icmp -- anywhere anywhere icmp any
> ACCEPT esp -- anywhere anywhere
> ACCEPT ah -- anywhere anywhere
> ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
> ACCEPT udp -- anywhere anywhere udp dpt:ipp
> ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
> ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
> ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
> REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
>
> From what is posted above, does it appear that iptables is the issue?
>
> Thanks for all the help and advice!
>
> Kind regards,
> ~Ray
--
Het.Grote.Net WebMail, powered by OpenWebMail
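
Why the reply uses `-I` (insert) rather than `-A` (append), as an added example that is not part of the original message: the posted chain ends in a catch-all REJECT, so rule order decides the verdict. The ruleset is a constructed `iptables-save`-style rendering of the posted listing; the `-i lo` on the first rule and the interface name `eth0` are assumptions, and `verdict` and `check` are hypothetical helpers that model only the match options used here.

```shell
#!/bin/sh
# Constructed iptables-save style rendering of the chain posted in the thread.
# Assumption: the first "ACCEPT all" rule is loopback-only (-i lo); plain
# `iptables -L` hides interfaces, `iptables -L -n -v` shows them.
RULES='-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'
DNS_UDP='-A RH-Firewall-1-INPUT -p udp --dport 53 -j ACCEPT'

# verdict IFACE PROTO DPORT: rules on stdin; prints the target of the first
# rule matching a NEW unicast packet. Models only the options used above.
verdict() {
  awk -v ifc="$1" -v proto="$2" -v dport="$3" '
    $1 == "-A" && $2 == "RH-Firewall-1-INPUT" {
      ok = 1; target = ""
      for (i = 3; i < NF; i++) {
        v = $(i + 1)
        if ($i == "-i" && v != ifc) ok = 0
        else if ($i == "-p" && v != proto) ok = 0
        else if ($i == "--dport" && v != dport) ok = 0
        else if ($i == "--state" && ("," v ",") !~ /,NEW,/) ok = 0
        else if ($i == "-d") ok = 0   # multicast-only rule, packet is unicast
        else if ($i == "-j") target = v
      }
      if (ok) { print target; exit }
    }'
}

check() { printf '%s\n' "$1" | verdict "$2" "$3" "$4"; }   # check RULESET IFACE PROTO DPORT

appended=$(printf '%s\n%s' "$RULES" "$DNS_UDP")   # effect of -A: lands after the REJECT
inserted=$(printf '%s\n%s' "$DNS_UDP" "$RULES")   # effect of -I: becomes rule 1

echo "as posted, udp/53:      $(check "$RULES" eth0 udp 53)"
echo "rule appended, udp/53:  $(check "$appended" eth0 udp 53)"
echo "rule inserted, udp/53:  $(check "$inserted" eth0 udp 53)"
echo "rule inserted, tcp/53:  $(check "$inserted" eth0 tcp 53)"
```

On the live host, `iptables -L RH-Firewall-1-INPUT -n -v --line-numbers` shows the interface column and rule positions that this model relies on.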