#1

    Iptables & BIND 9


    Greetings! Question is:

    How should I configure Iptables to allow for zone transfers from BIND (Master)?

    I couldn't get a zone file transfer from my DNS box until I killed Iptables. I already have my firewall configured for port 53 UDP to be open; must port 53 TCP be open as well?

    Thanks for your help if you do.
  2. #2
    Code:
    iptables -A INPUT -p udp --dport 53 -s i-do-transfers.com -j ACCEPT
    Change i-do-transfers.com to the IP/name of the machine that is making the zone transfer.

    You will need the usual related,established stuff to allow packets that are part of already-established connections to come in.
    Alex
    (http://www.alex-greg.com)
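
Zone transfers (AXFR) run over TCP port 53, while the SOA serial checks a secondary makes beforehand normally use UDP, so a master's firewall has to admit both from each secondary. The following is an added example, not part of the original thread: a shell function that prints the INPUT rules for a list of secondary addresses and rejects hostnames, because iptables resolves a name only once, when the rule is inserted. The function names are hypothetical and 192.0.2.53 is a constructed documentation address.

```shell
#!/bin/sh
# Print (not apply) iptables rules for a BIND master so that only the
# listed secondaries can query it and pull zone transfers.
# Review the output, then pipe it to `sh` as root to apply.

# Return 0 if $1 is a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

zone_xfer_rules() {
    # Validate every argument first so a bad one yields no partial rule set.
    for ip in "$@"; do
        if ! is_ipv4 "$ip"; then
            echo "rejecting '$ip': use a literal IPv4 address" >&2
            return 1
        fi
    done
    # Packets belonging to connections that were already accepted.
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for ip in "$@"; do
        # SOA serial checks from the secondary arrive over UDP.
        echo "iptables -A INPUT -p udp -s $ip --dport 53 -j ACCEPT"
        # The transfer itself is a new TCP connection to port 53.
        echo "iptables -A INPUT -p tcp -s $ip --dport 53 -m state --state NEW -j ACCEPT"
    done
}

# Constructed sample: one secondary at a documentation address.
zone_xfer_rules 192.0.2.53
```

Restricting the source address in the firewall complements, and does not replace, an `allow-transfer` restriction in the BIND configuration.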
  4. #3

    Thank-you


    I fixed the problem just as you said. Works fine now, I really appreciate it.
  6. #4
    Cool
    Alex
    (http://www.alex-greg.com)
