IPCHAINS Help
Warren Togami
warren at togami.com
Tue Oct 16 02:13:50 PDT 2001
Are DNS client queries outgoing TCP or UDP?
If TCP, you could REJECT or DROP incoming SYN packets to port 53, breaking
any incoming connection attempt. This will allow outgoing queries because
outgoing SYN packets are unaffected. Incoming ACK packets from these
established TCP connections come back in unhindered.
However, I think simple DNS queries are UDP. If this is the case there
isn't anything I can think of that you could do without stateful inspection
(2.4 kernel). Why do you need to block incoming connections to port 53?
----- Original Message -----
From: Ben Beeson
To: Linux & Unix Advocates & Users
Sent: Monday, October 15, 2001 10:52 PM
Subject: [luau] IPCHAINS Help
Aloha all,
I am looking for an IPCHAINS fix. I am in need of a simple DENY rule that
will allow outgoing DNS lookups, but block incoming scans on port 53. Any
ideas? (Kernel 2.4 and IPFILTER/NetFilter is not yet a player on my box...)
Mahalos in advance,
Ben
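As an added example (not part of either message above, and not Warren's or Ben's own rules), here is what the TCP part of the reply looks like as ipchains rules, plus a stateless UDP rule pair that lets a client's own lookups complete while refusing anything aimed at port 53. It assumes a 2.2-era kernel with ipchains, a host that is a DNS client only (not a server), a resolver that sends from unprivileged ports, and the hypothetical variables IFACE and NS.

```shell
#!/bin/sh
# Added example: ipchains rules for a DNS client that must not answer on port 53.
# Assumptions (not stated in the thread): client-only host, resolver uses
# source ports >1023, IFACE and NS are hypothetical placeholders.
IFACE="${IFACE:-eth0}"        # external interface (hypothetical)
NS="${NS:-0.0.0.0/0}"         # upstream resolver(s); narrow this to real addresses

# Print each rule instead of running it when DRYRUN is set or ipchains is absent.
run() {
  if [ -n "$DRYRUN" ] || ! command -v ipchains >/dev/null 2>&1; then
    echo "$@"
  else
    "$@"
  fi
}

dns_rules() {
  # 1. TCP: refuse new inbound connections to port 53. -y matches only
  #    packets with SYN set and ACK/FIN clear, so the SYN-ACK and ACKs that
  #    answer our own outgoing TCP queries still come in.
  run ipchains -A input -i "$IFACE" -p tcp -y --destination-port 53 -j DENY
  # 2. UDP, first match wins: accept datagrams from the resolver's port 53 to
  #    our unprivileged ports (the replies to our queries), then refuse every
  #    remaining datagram aimed at port 53 (scans and unsolicited queries).
  run ipchains -A input -i "$IFACE" -p udp -s "$NS" 53 -d 0.0.0.0/0 1024:65535 -j ACCEPT
  run ipchains -A input -i "$IFACE" -p udp --destination-port 53 -j DENY
}

dns_rules
```

Rule order matters because ipchains stops at the first match; put the UDP ACCEPT before the UDP DENY. The UDP ACCEPT is stateless, so anything sent from source port 53 to a high port is let in regardless of whether you asked for it; setting NS to the real resolver addresses instead of 0.0.0.0/0 narrows that, and only stateful matching (2.4 netfilter) closes it fully. DENY drops silently; use -j REJECT instead if you want the scanner to get an ICMP unreachable.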