On Fri, Jul 11, 2008 at 7:03 PM, Johnny Hughes <jhughes at hughesjr.com> wrote:
> Sean Carolan wrote:
>>
>> I'm attempting to block access to port 53 from internet hosts for an
>> internal server. This device is behind a gateway router so all
>> traffic appears to come from source ip 10.100.1.1. Here are my
>> (non-working) iptables rules:
>>
>
> If it is behind a gateway router, how is port 53 traffic getting from the
> internet to that DNS server in the first place?
>
> Also ... IF you are PORT FORWARDING port 53 from the internet to the DNS
> server, then the SOURCE IP will not be the IP of the forwarding device, but
> the IP of the machine making the request.
>
> If this device is really behind a firewall, why are you even forwarding any
> traffic to it from port 53 in the first place?
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

Assuming a SOHO LinkSys firewall, preferably with dd-wrt alternative firmware:

Are you sure this DNS server is not in the DMZ?
Are you sure the port isn't opened under the UPnP section?
It is conceivable that mDNS / Avahi with a UPnP router automatically opens this port on the firewall.
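The point Johnny makes about port forwarding is easy to get wrong, so here is a small model of it as an added example (not code from the thread or from CentOS). It evaluates an iptables-style INPUT chain against sample packets: the rule the original post implies (drop DNS "from the gateway", 10.100.1.1) never matches a port-forwarded query, because the gateway rewrites only the destination and the packet still carries the remote client's source address; a chain that accepts DNS only from the LAN and drops the rest does. The LAN subnet 10.100.1.0/24, the client addresses, and the `Rule`/`Packet` helpers are constructed assumptions; the `to_iptables` output is the equivalent real command line.

```python
"""Model of how an iptables INPUT chain sees DNS queries reaching an
internal DNS server behind a port-forwarding NAT gateway.

Added example, not from the mailing-list thread.  Only 10.100.1.1 (the
gateway) comes from the thread; the subnet 10.100.1.0/24 and the client
addresses (203.0.113.0/24 is a documentation range) are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    src: str      # source address as seen by the DNS server's kernel
    proto: str    # "udp" or "tcp"
    dport: int    # destination port


@dataclass(frozen=True)
class Rule:
    """One rule in the INPUT chain; None fields match anything."""
    target: str                  # "ACCEPT" or "DROP"
    src: Optional[str] = None    # address or CIDR, as for `iptables -s`
    proto: Optional[str] = None  # as for `iptables -p`
    dport: Optional[int] = None  # as for `--dport`

    def matches(self, pkt: Packet) -> bool:
        if self.src is not None:
            net = ipaddress.ip_network(self.src, strict=False)
            if ipaddress.ip_address(pkt.src) not in net:
                return False
        if self.proto is not None and self.proto.lower() != pkt.proto.lower():
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return True

    def to_iptables(self) -> str:
        """The equivalent real iptables command line for this rule."""
        parts = ["iptables", "-A", "INPUT"]
        if self.src is not None:
            parts += ["-s", self.src]
        if self.proto is not None:
            parts += ["-p", self.proto]
        if self.dport is not None:
            parts += ["--dport", str(self.dport)]
        parts += ["-j", self.target]
        return " ".join(parts)


def evaluate(chain: List[Rule], pkt: Packet, policy: str = "ACCEPT") -> str:
    """First matching rule wins, as in iptables; otherwise the chain policy."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy


# What the original post implies: block DNS "from the gateway".  With port
# forwarding (DNAT) the gateway rewrites the destination only, so an internet
# client's query still arrives with the client's own source address and this
# rule never fires.
GATEWAY_ONLY = [Rule("DROP", src="10.100.1.1", proto="udp", dport=53)]

# Allow DNS from the LAN (assumed 10.100.1.0/24) and drop all other DNS,
# regardless of which source address the forwarded traffic carries.
LAN_ONLY = [
    Rule("ACCEPT", src="10.100.1.0/24", proto="udp", dport=53),
    Rule("ACCEPT", src="10.100.1.0/24", proto="tcp", dport=53),
    Rule("DROP", proto="udp", dport=53),
    Rule("DROP", proto="tcp", dport=53),
]

# Constructed sample packets: one forwarded from the internet, one from the LAN.
FORWARDED_QUERY = Packet("203.0.113.5", "udp", 53)
LAN_QUERY = Packet("10.100.1.20", "udp", 53)

if __name__ == "__main__":
    for name, chain in (("gateway-only", GATEWAY_ONLY), ("lan-only", LAN_ONLY)):
        print(f"{name}: forwarded -> {evaluate(chain, FORWARDED_QUERY)}, "
              f"lan -> {evaluate(chain, LAN_QUERY)}")
    print("\n".join(r.to_iptables() for r in LAN_ONLY))
```

Run as-is it prints the verdicts for both chains and the four iptables lines for the LAN-only chain; the DROP-by-gateway-address chain lets the forwarded query through, which is the symptom the original post describes.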