Hello, I saw a few threads on here and tried following their rules; however, there must be a conflict with my script, as I cannot get DNS to work with my current rule set. Any help is greatly appreciated.
Here's my script (note that my webserver sits on port 8080 and my SSH is on 26662):
#!/bin/sh
# Flushing all rules
iptables -F
iptables -X
# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
# Allow unlimited traffic on loopback
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow incoming ssh and webserver only
iptables -A INPUT -p tcp --dport 26662 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 26662 -m state --state ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 8080 -m state --state ESTABLISHED -j ACCEPT
# Rule in question (currently commented out)
# iptables -A OUTPUT -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
Also, having that rule enabled seems to partly work, e.g. if I ping google.com after enabling that rule, then it will just sit and wait, whereas if I comment it out like it is, after trying to ping it will say "ping unknown host google.com". Does that mean I need a forwarding rule?
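What the two symptoms mean, with the rules that address them, as an added example that is not part of the original post: the OUTPUT rule lets the query leave but, with INPUT policy DROP, the reply is dropped (so ping waits on the resolver), and with no rule at all the query never leaves (so the resolver reports an unknown host); no FORWARD rule is involved, since FORWARD only applies to traffic routed through the box. The IPT variable and the function names are my own.

```sh
#!/bin/sh
# Added example, not the poster's script. Under INPUT/OUTPUT policy DROP,
# every conversation needs an ACCEPT in both directions.
# IPT is an assumption: the iptables binary, or a stub when testing.
IPT=${IPT:-iptables}

allow_dns() {
    # Outbound queries. TCP is included because resolvers retry over TCP
    # when a UDP answer is truncated.
    $IPT -A OUTPUT -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPT -A OUTPUT -p tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    # Replies. conntrack marks the UDP answer as ESTABLISHED, but with
    # INPUT policy DROP it is still discarded without an explicit ACCEPT;
    # this missing pair is why the query "just sits and waits".
    $IPT -A INPUT -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
    $IPT -A INPUT -p tcp --sport 53 -m state --state ESTABLISHED -j ACCEPT
}

# ICMP is a separate protocol: with only the DNS rules, "ping google.com"
# resolves the name but the echo request itself is still dropped by OUTPUT.
allow_ping() {
    $IPT -A OUTPUT -p icmp --icmp-type echo-request -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPT -A INPUT -p icmp --icmp-type echo-reply -m state --state ESTABLISHED -j ACCEPT
}

# Only touch the live firewall when asked (needs root): sh this.sh apply
if [ "${1:-}" = apply ]; then
    allow_dns
    allow_ping
    # Verify: packet counters on these rules should rise after a lookup.
    $IPT -L INPUT -v -n
    $IPT -L OUTPUT -v -n
fi
```

Append these after the existing SSH and webserver rules; with `-A` the order among ACCEPT rules does not matter here because the default policy is the only DROP.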