Sean Carolan wrote:
What is confusing me is why my iptables rule is not working correctly. TCPdump shows that the source is correct. Any ideas?
Try blocking TCP as well; most name servers listen on both TCP and UDP.
portal:~# netstat -anp | grep :53 | grep named
tcp 0 0 10.10.10.1:53 0.0.0.0:* LISTEN 12978/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 12978/named
tcp 0 0 216.39.174.24:53 0.0.0.0:* LISTEN 12976/named
udp 0 0 10.10.10.1:53 0.0.0.0:* 12978/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 12978/named
udp 0 0 216.39.174.24:53 0.0.0.0:* 12976/named
nate
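A small check that follows nate's point, added here as an example and not part of the thread: it reads which protocols port 53 is bound on from netstat -anp output and emits one DROP rule per protocol, so a UDP-only rule is not silently bypassed over TCP. The netstat sample is constructed from the lines quoted above, and 192.0.2.10 is a placeholder source address.

```shell
#!/bin/sh
# Added example, not code from the thread. Constructed sample shaped like
# the `netstat -anp` output quoted above (addresses taken from that output).
NETSTAT_SAMPLE='tcp 0 0 10.10.10.1:53 0.0.0.0:* LISTEN 12978/named
udp 0 0 10.10.10.1:53 0.0.0.0:* 12978/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 12978/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 12978/named'

# Print the distinct protocols (tcp/udp) bound on the given port, as one
# space-separated, sorted line. $1 = port, stdin = netstat -anp output.
# Field 4 of each netstat line is the local address:port.
listening_protos() {
    awk -v p=":$1" 'BEGIN { pat = p "$" }
        $4 ~ pat && ($1 == "tcp" || $1 == "udp") { seen[$1] = 1 }
        END { for (k in seen) print k }' | sort | tr '\n' ' ' | sed 's/ $//'
}

# Emit one INPUT DROP rule per listening protocol for traffic from $2 to
# port $1. The commands are printed, not executed, so they can be reviewed
# before being applied on the host.
dns_block_rules() {
    port="$1"
    src="$2"
    for proto in $(printf '%s\n' "$NETSTAT_SAMPLE" | listening_protos "$port"); do
        printf 'iptables -A INPUT -s %s -p %s --dport %s -j DROP\n' \
            "$src" "$proto" "$port"
    done
}

# Example run against the constructed sample (192.0.2.10 is a placeholder):
dns_block_rules 53 192.0.2.10
```

On a real host, replace the sample with `netstat -anp` (or `ss -lnp`) output piped into `listening_protos`, and check the emitted rules cover every protocol named is bound on.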