[CentOS] Help with iptables rule for blocking UDP port 53

kfx kadafax at gmail.com
Tue Jul 15 17:19:25 UTC 2008

Sean Carolan wrote:
> I would like to block all DNS queries that come from one particular IP
> address.  I used tcpdump to verify that the queries were in fact
> coming from this IP:
> [scarolan at server:~]$ sudo tcpdump -n udp port 53 and src
> tcpdump: listening on eth0
> 11:12:17.162100 >  14270+ A?
> server.domain.com. (32) (DF)
> Could someone help with the proper syntax for an iptables rule to
> block port 53 UDP traffic from this IP?  I tried this rule but it
> doesn't work:
> -A RH-Firewall-1-INPUT -s -m udp -p udp --dport 53 -j REJECT
Strange... your rule seems OK to me. Try with DROP instead of REJECT?
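One thing worth checking before swapping REJECT for DROP is where the rule lands in the chain. iptables evaluates a chain top to bottom and stops at the first terminating match, so a rule appended with -A sits below everything already in RH-Firewall-1-INPUT; if an earlier rule already ACCEPTs UDP/53 (a host running a DNS server will usually have one), the appended REJECT is never reached, whereas -I puts it at the top. The following is an added example, not code from the thread or from the iptables project: a small first-match evaluator over a constructed iptables-save style dump modelled on a stock CentOS 5 RH-Firewall-1-INPUT chain. It assumes the host also serves DNS (the udp/53 ACCEPT rule is an assumption), and 203.0.113.9 is a placeholder for the address the post leaves out.

```python
"""Toy first-match evaluator for an iptables chain (added example, not from the thread).

Shows why `-A ... -j REJECT` for udp/53 can be shadowed by an earlier ACCEPT,
and why `-I ... 1` is not. Only the matches needed for that comparison are modelled.
"""
import ipaddress
import shlex
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed ruleset in iptables-save syntax, modelled on a stock CentOS 5
# RH-Firewall-1-INPUT chain. Assumption: the host is a DNS server, so udp/53
# was already opened (rule 4 of the chain). Not copied from the original post.
SAVED_RULES = """
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
"""

BAD_HOST = "203.0.113.9"  # placeholder for the address elided in the post
BLOCK_APPEND = f"-A RH-Firewall-1-INPUT -s {BAD_HOST} -m udp -p udp --dport 53 -j REJECT"
BLOCK_INSERT = f"-I RH-Firewall-1-INPUT 1 -s {BAD_HOST} -m udp -p udp --dport 53 -j REJECT"

# Constructed packets: a fresh DNS query arriving on eth0.
QUERY_FROM_BAD_HOST = {"in": "eth0", "proto": "udp", "src": BAD_HOST, "dport": 53, "state": "NEW"}
QUERY_FROM_OTHER_HOST = {**QUERY_FROM_BAD_HOST, "src": "198.51.100.7"}

TERMINATING = {"ACCEPT", "DROP", "REJECT"}
MATCH_OPTS = ("-i", "-p", "-s", "--dport", "--state")        # modelled
IGNORED_OPTS = ("-m", "--icmp-type", "--reject-with")          # one argument, no effect here


@dataclass
class Rule:
    op: str            # "A" (append) or "I" (insert)
    chain: str
    target: str
    matches: Dict[str, str] = field(default_factory=dict)
    position: int = 1  # 1-based, only meaningful for -I


def parse_rule(line: str) -> Rule:
    """Parse one iptables-save style line; refuse options this toy does not model."""
    toks = shlex.split(line)
    rule = Rule(op=toks[0].lstrip("-"), chain=toks[1], target="")
    i = 2
    if rule.op == "I" and i < len(toks) and toks[i].isdigit():
        rule.position = int(toks[i])
        i += 1
    while i < len(toks):
        opt = toks[i]
        if opt == "-j":
            rule.target = toks[i + 1]
        elif opt in MATCH_OPTS:
            rule.matches[opt] = toks[i + 1]
        elif opt not in IGNORED_OPTS:
            raise ValueError(f"unsupported option {opt!r} in rule: {line}")
        i += 2
    if not rule.target:
        raise ValueError(f"rule has no -j target: {line}")
    return rule


def load_chain(saved: str, chain: str) -> List[Rule]:
    """Rules of one chain, in the order iptables-restore would install them."""
    rules = [parse_rule(l) for l in saved.strip().splitlines() if l.strip()]
    return [r for r in rules if r.chain == chain]


def rule_matches(rule: Rule, pkt: dict) -> bool:
    m = rule.matches
    if "-i" in m and m["-i"] != pkt["in"]:
        return False
    if "-p" in m and m["-p"] != pkt["proto"]:
        return False
    if "-s" in m and ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(m["-s"], strict=False):
        return False
    if "--dport" in m and int(m["--dport"]) != pkt["dport"]:
        return False
    if "--state" in m and pkt["state"] not in m["--state"].split(","):
        return False
    return True


def evaluate(chain: List[Rule], pkt: dict) -> Tuple[str, Optional[int]]:
    """Walk the chain top to bottom; the first terminating match decides.
    Returns (verdict, 1-based rule number), or ("POLICY", None) if nothing matched."""
    for n, rule in enumerate(chain, start=1):
        if rule.target in TERMINATING and rule_matches(rule, pkt):
            return rule.target, n
    return "POLICY", None


def apply_rule(chain: List[Rule], line: str) -> List[Rule]:
    """Simulate `iptables <line>`: -A appends at the end, -I inserts at position (default 1)."""
    rule = parse_rule(line)
    new = list(chain)
    if rule.op == "A":
        new.append(rule)
    elif rule.op == "I":
        new.insert(rule.position - 1, rule)
    else:
        raise ValueError(f"unsupported command -{rule.op}")
    return new


if __name__ == "__main__":
    base = load_chain(SAVED_RULES, "RH-Firewall-1-INPUT")
    for label, chain in (("before", base),
                         ("after -A", apply_rule(base, BLOCK_APPEND)),
                         ("after -I 1", apply_rule(base, BLOCK_INSERT))):
        print(f"{label:>11}: query from {BAD_HOST} -> {evaluate(chain, QUERY_FROM_BAD_HOST)}")
```

On the real box the equivalent check is `iptables -L RH-Firewall-1-INPUT -n -v --line-numbers`: the pkts/bytes counters show which rule is absorbing the queries, and the line numbers tell you where to -I the new one. Swapping REJECT for DROP only changes what the sender gets back (an ICMP error versus silence); it does not change which packets the rule matches, so if the rule is shadowed it stays shadowed either way.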

