port 53
Maciej Soltysiak
solt@dns.toxicfilms.tv
Tue, 25 Sep 2001 08:37:58 +0200 (CEST)
> I have a DNS on my RedHat 7.1 Linux server. I want to drop all requests
> on port 53 with one exception: the requests from my ISP DNS server. How
> can I do this with iptables?
Well, it depends on your strategy of placing rules, but you can add:
iptables -A INPUT -i EXT_INTERFACE -p tcp -s ISP_IP -d YOUR_IP --dport 53 \
    -j DROP
iptables -A INPUT -i EXT_INTERFACE -p udp -s ISP_IP -d YOUR_IP --dport 53 \
    -j DROP
These will DROP all packets from your ISP to your computer on port 53 on
protocols udp & tcp. I added -i EXT_INTERFACE because I don't know your
FW configuration and your interfaces.
> Thank you
You are welcome.
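
The policy asked for in the question (accept port 53 only from the ISP's DNS server, drop it from everyone else), as an added example that is not part of the original post. The function names `is_ipv4` and `dns_rules` are hypothetical, and the interface and addresses are constructed placeholders from the documentation ranges.

```shell
#!/bin/sh
# Added example: print iptables rules that allow port 53 from one source only.
# Nothing is applied here; the rules are printed so they can be reviewed first.

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
# Rejecting anything else keeps stray shell syntax out of the printed rules.
is_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# dns_rules IFACE ISP_IP MY_IP: print the rules for udp and tcp.
# iptables stops at the first matching rule, so the ACCEPT for the ISP
# has to be appended before the catch-all DROP for the same protocol.
dns_rules() {
    iface=$1 isp=$2 me=$3
    case "$iface" in
        ""|-*|*[!A-Za-z0-9_.-]*) echo "bad interface: $iface" >&2; return 1 ;;
    esac
    is_ipv4 "$isp" || { echo "bad ISP address: $isp" >&2; return 1; }
    is_ipv4 "$me"  || { echo "bad local address: $me" >&2; return 1; }
    for proto in udp tcp; do
        echo "iptables -A INPUT -i $iface -p $proto -s $isp -d $me --dport 53 -j ACCEPT"
        echo "iptables -A INPUT -i $iface -p $proto -d $me --dport 53 -j DROP"
    done
}

# Constructed sample values: eth0, 192.0.2.53 (ISP), 198.51.100.10 (this host).
dns_rules eth0 192.0.2.53 198.51.100.10
# After reviewing the output, apply it as root with:
#   dns_rules eth0 192.0.2.53 198.51.100.10 | sh
```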