DNS not resolving using my PUBLIC IP. DNAT not working
manz
manz_egroups@yahoo.com
Fri, 7 Dec 2001 13:49:52 -0800 (PST)
NetFilter,
My DNS is not resolving when using its public
IP. For example, nslookup www.mydomain.com <public ip>
gives no response, but when using its private IP it's okay.
I tried to read the archive but can't find any answers.
I think my DNAT is not working; it's not forwarding the
packets to my DNS's local IP.
The DNS resides on my firewall server.
Any links that I can refer to?
My iptables snippet rules (one rule per line; the mail had wrapped them):
#FORWARD
$IPTABLES -A FORWARD -p TCP -s 0/0 -d $LOCAL_NS1 --dport 53 -j ACCEPT
$IPTABLES -A FORWARD -p UDP -s 0/0 -d $LOCAL_NS1 --dport 53 -j ACCEPT
$IPTABLES -A tcp_packets -p TCP -s 0/0 -d $LOCAL_NS1 --dport 53 -j allowed
$IPTABLES -A udpincoming_packets -p UDP -s 0/0 -d $LOCAL_NS1 --dport 53 -j ACCEPT
#INPUT
$IPTABLES -A INPUT -p TCP -i $INET_IFACE -j tcp_packets
$IPTABLES -A INPUT -p UDP -i $INET_IFACE -j udpincoming_packets
#DNAT
$IPTABLES -t nat -A DNS_EXTERNAL_DNAT -i $INET_IFACE -p TCP ! -s 172.16.4.0/24 -d $INET_NS1 --dport 53 -j DNAT --to-destination 172.16.4.1:53
$IPTABLES -t nat -A DNS_EXTERNAL_DNAT -i $INET_IFACE -p UDP ! -s 172.16.4.0/24 -d $INET_NS1 --dport 53 -j DNAT --to-destination 172.16.4.1:53
# Only TCP is sent from PREROUTING into DNS_EXTERNAL_DNAT; there is no matching UDP jump
$IPTABLES -t nat -A PREROUTING -i $INET_IFACE -p TCP ! -s 172.16.4.0/24 -d $INET_NS1 -j DNS_EXTERNAL_DNAT
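Added example (editor's code, not part of the original post or the netfilter project). The rule set above only jumps TCP from PREROUTING into DNS_EXTERNAL_DNAT, so the UDP DNAT rule in that chain can never match, and nslookup sends its query over UDP. The script below is a small lint over iptables command lines: it records which protocols each user-defined nat chain can be entered with from PREROUTING, then reports DNAT rules in those chains that no packet can reach. The rule strings are constructed to mirror the post's layout; eth0 and 203.0.113.10 stand in for $INET_IFACE and $INET_NS1 and are assumptions, not the poster's real values. The fixed set adds the missing UDP jump. One caveat the lint does not cover: if 172.16.4.1 is an address on the firewall itself, a DNAT'd packet is delivered through the INPUT chain, not FORWARD, so the FORWARD rules above never see it.

```python
import shlex

BUILTIN_NAT_CHAINS = {"PREROUTING", "INPUT", "OUTPUT", "POSTROUTING"}

# Constructed rule set mirroring the post (interface and public IP are assumed).
POSTED_NAT_RULES = [
    "iptables -t nat -A DNS_EXTERNAL_DNAT -i eth0 -p TCP ! -s 172.16.4.0/24"
    " -d 203.0.113.10 --dport 53 -j DNAT --to-destination 172.16.4.1:53",
    "iptables -t nat -A DNS_EXTERNAL_DNAT -i eth0 -p UDP ! -s 172.16.4.0/24"
    " -d 203.0.113.10 --dport 53 -j DNAT --to-destination 172.16.4.1:53",
    # Only TCP is steered into the user chain from PREROUTING.
    "iptables -t nat -A PREROUTING -i eth0 -p TCP ! -s 172.16.4.0/24"
    " -d 203.0.113.10 -j DNS_EXTERNAL_DNAT",
]

# Same rules plus the UDP jump that the posted set lacks.
FIXED_NAT_RULES = POSTED_NAT_RULES + [
    "iptables -t nat -A PREROUTING -i eth0 -p UDP ! -s 172.16.4.0/24"
    " -d 203.0.113.10 -j DNS_EXTERNAL_DNAT",
]


def parse_rule(rule):
    """Return (table, chain, proto, target) for one `iptables -A/-I` command.

    proto is lower-cased; 'all' when no -p was given (iptables' default).
    Other matches (-i, -s, -d, --dport) do not affect reachability by
    protocol, so they are skipped.
    """
    toks = shlex.split(rule)
    table, chain, proto, target = "filter", None, "all", None
    i = 0
    while i < len(toks):
        tok = toks[i]
        if tok == "-t":
            table = toks[i + 1]
            i += 2
        elif tok in ("-A", "-I"):
            chain = toks[i + 1]
            i += 2
        elif tok == "-p":
            proto = toks[i + 1].lower()
            i += 2
        elif tok == "-j":
            target = toks[i + 1]
            i += 2
        else:
            i += 1
    return table, chain, proto, target


def dead_dnat_rules(rules):
    """Return sorted (chain, proto) pairs for DNAT rules in user-defined nat
    chains that cannot match, because every jump from PREROUTING into that
    chain is restricted to a different protocol.

    Only one level of jump (PREROUTING -> user chain) is followed, which is
    all the posted rule set uses.
    """
    parsed = [parse_rule(r) for r in rules]
    user_chains = {
        chain for table, chain, _, _ in parsed
        if table == "nat" and chain not in BUILTIN_NAT_CHAINS
    }
    # user chain -> protocols with which a packet can enter it from PREROUTING
    entering = {}
    for table, chain, proto, target in parsed:
        if table == "nat" and chain == "PREROUTING" and target in user_chains:
            entering.setdefault(target, set()).add(proto)

    dead = set()
    for table, chain, proto, target in parsed:
        if table != "nat" or target != "DNAT" or chain not in user_chains:
            continue
        protos = entering.get(chain, set())
        reachable = "all" in protos or proto in protos or (proto == "all" and protos)
        if not reachable:
            dead.add((chain, proto))
    return sorted(dead)


if __name__ == "__main__":
    print("posted rules, unreachable DNAT:", dead_dnat_rules(POSTED_NAT_RULES))
    print("fixed rules, unreachable DNAT: ", dead_dnat_rules(FIXED_NAT_RULES))
```

On the posted set the lint reports the UDP DNAT rule in DNS_EXTERNAL_DNAT as unreachable; on the fixed set it reports nothing. On a live box the same question is answered by `iptables -t nat -L PREROUTING -v -n`, where the packet counter of the jump rule stays at zero for UDP queries.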