[CentOS] Help with iptables rule for blocking UDP port 53
nate
centos at linuxpowered.net
Tue Jul 15 16:55:38 UTC 2008
Sean Carolan wrote:
> What is confusing me is why my iptables rule is not working correctly.
> TCPdump shows that the source is correct. Any ideas?
Try blocking tcp as well; most name servers listen on both tcp and udp.
portal:~# netstat -anp | grep :53 | grep named
tcp 0 0 10.10.10.1:53 0.0.0.0:* LISTEN 12978/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 12978/named
tcp 0 0 216.39.174.24:53 0.0.0.0:* LISTEN 12976/named
udp 0 0 10.10.10.1:53 0.0.0.0:* 12978/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 12978/named
udp 0 0 216.39.174.24:53 0.0.0.0:* 12976/named
nate
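
Added example, not part of nate's message: a shell check that compares the protocols listening on port 53 with the protocols that have a DROP or REJECT rule for destination port 53. The netstat lines and the `iptables -S INPUT` lines are constructed samples, and 192.0.2.10 is a placeholder source address.

```shell
#!/bin/sh
# Constructed sample: IPv4 listeners as `netstat -anp` prints them.
sample_netstat() {
cat <<'EOF'
tcp 0 0 10.10.10.1:53 0.0.0.0:* LISTEN 12978/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 12978/named
udp 0 0 10.10.10.1:53 0.0.0.0:* 12978/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 12978/named
EOF
}

# Constructed sample: `iptables -S INPUT` output holding only a UDP rule.
sample_rules() {
cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -s 192.0.2.10/32 -p udp -m udp --dport 53 -j DROP
EOF
}

# stdin: netstat output. Prints each protocol with a socket bound to port 53.
listening_protos() {
  awk '($1 == "tcp" || $1 == "udp") && $4 ~ /:53$/ { print $1 }' | sort -u
}

# stdin: iptables -S output. Prints each protocol that has a DROP/REJECT
# rule for --dport 53. Only simple single-port rules are recognised, and
# the source address of the rule is not evaluated.
blocked_protos() {
  awk '/^-A INPUT/ && /--dport 53( |$)/ && /-j (DROP|REJECT)/ {
         for (i = 1; i < NF; i++) if ($i == "-p") print $(i + 1)
       }' | sort -u
}

# $1 = netstat text, $2 = rules text.
# Prints the protocols that are listening but have no blocking rule.
uncovered_protos() {
  listening=$(printf '%s\n' "$1" | listening_protos)
  blocked=$(printf '%s\n' "$2" | blocked_protos)
  for proto in $listening; do
    printf '%s\n' "$blocked" | grep -qx "$proto" || echo "$proto"
  done
}

uncovered_protos "$(sample_netstat)" "$(sample_rules)"
```

On a live host, pass the output of `netstat -anp` and `iptables -S INPUT` as the two arguments instead of the samples.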