Re: Iptables rule help
Originally Posted by Hungry Man
Instead of removing ALL inbound traffic, try...
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT
iptables -A INPUT -m state --state NEW,INVALID -j REJECT
This prevents all inbound access EXCEPT for:
1) When traffic is solicited by a previous outbound connection
2) To port 53 using UDP, which will allow your DNS resolution.
...
You do not need the specific --dport 53 line. Outgoing DNS requests will get back via the RELATED,ESTABLISHED line, and will not be to port 53 anyway (they will be from port 53).
Any follow-up information on your issue would be appreciated. Please have the courtesy to report back.
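To make the state-matching argument in this thread concrete, here is an added example (not code from either poster) that models how `-m state` classifies packets and then runs the thread's INPUT chain, with and without the `--dport 53` rule, over a constructed packet sequence. The conntrack model is a deliberate simplification (no timeouts, no RELATED handling, UDP/TCP 5-tuples only) and the IP addresses are made up; the point it shows is that the DNS reply is accepted by the RELATED,ESTABLISHED rule in both variants, while the `--dport 53` rule only ever matches unsolicited inbound UDP aimed at a DNS service on the host itself.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    """One UDP/TCP datagram seen by the host. `syn` only matters for TCP."""
    direction: str      # "in" (toward this host) or "out" (leaving it)
    proto: str          # "udp" or "tcp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False


# The INPUT chain from the thread, expressed as (states, proto, dport, target) rules.
RULES_WITH_DNS_LINE = [
    {"states": {"RELATED", "ESTABLISHED"}, "target": "ACCEPT"},
    {"states": {"NEW"}, "proto": "udp", "dport": 53, "target": "ACCEPT"},
    {"states": {"NEW", "INVALID"}, "target": "REJECT"},
]
# The same chain with the --dport 53 rule removed, as the reply recommends.
RULES_WITHOUT_DNS_LINE = [RULES_WITH_DNS_LINE[0], RULES_WITH_DNS_LINE[2]]


class StatefulFirewall:
    """Toy conntrack plus INPUT chain evaluator (assumption: OUTPUT is unfiltered)."""

    def __init__(self, rules, policy="ACCEPT"):
        self.rules = rules
        self.policy = policy
        # Known flows keyed from the host's point of view:
        # (proto, local_ip, local_port, remote_ip, remote_port)
        self.flows = set()

    def state_of(self, p):
        """Classify the packet the way `-m state` would: ESTABLISHED, NEW or INVALID."""
        if p.direction == "out":
            key = (p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        else:
            key = (p.proto, p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        if key in self.flows:
            return "ESTABLISHED"
        if p.proto == "tcp" and not p.syn:
            return "INVALID"   # mid-stream TCP segment for a flow conntrack never saw
        return "NEW"

    def process(self, p):
        """Return (verdict, index of the rule that decided it) for packet p."""
        state = self.state_of(p)
        if p.direction == "out":
            # An outbound NEW packet creates the entry that later makes the reply
            # ESTABLISHED; this is what the first rule in the chain relies on.
            self.flows.add((p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port))
            return "ACCEPT", None
        for i, rule in enumerate(self.rules):
            if state not in rule["states"]:
                continue
            if "proto" in rule and rule["proto"] != p.proto:
                continue
            if "dport" in rule and rule["dport"] != p.dst_port:
                continue
            if rule["target"] == "ACCEPT" and state == "NEW":
                # An accepted inbound NEW flow becomes trackable for later packets.
                self.flows.add((p.proto, p.dst_ip, p.dst_port, p.src_ip, p.src_port))
            return rule["target"], i
        return self.policy, None


def run_scenario(rules):
    """Feed a constructed packet sequence through the chain; return name -> verdict."""
    fw = StatefulFirewall(rules)
    host, resolver, stranger = "192.0.2.10", "192.0.2.53", "198.51.100.7"  # constructed addresses
    packets = [
        ("dns_query_out", Packet("out", "udp", host, 40000, resolver, 53)),
        ("dns_reply_in", Packet("in", "udp", resolver, 53, host, 40000)),
        ("unsolicited_to_53", Packet("in", "udp", stranger, 5555, host, 53)),
        ("ssh_syn_in", Packet("in", "tcp", stranger, 4444, host, 22, syn=True)),
        ("stray_tcp_ack_in", Packet("in", "tcp", stranger, 4445, host, 22)),
    ]
    return {name: fw.process(p)[0] for name, p in packets}


if __name__ == "__main__":
    for label, rules in (("with --dport 53", RULES_WITH_DNS_LINE),
                         ("without --dport 53", RULES_WITHOUT_DNS_LINE)):
        print(label, run_scenario(rules))
```

Running it shows `dns_reply_in` accepted under both rule sets, `unsolicited_to_53` accepted only while the `--dport 53` rule is present, and the unsolicited TCP SYN and the stray mid-stream ACK rejected either way. In other words, keeping that rule does nothing for resolution but does expose any DNS listener on the host to the network.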