Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
RE: [suse-security] Firewall
  • From: "Stefan Nauber" <nauber@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 13 Feb 2001 07:32:17 +0100
  • Message-id: <000001c09586$bb8cff70$1d01a8c0@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
High,

...
> My Firewall settings:
>
> ipchains -P forward DENY
> ipchains -A forward -j MASQ -s $LOCALNET -d $INTERNET -i eth0
> ipmasqadm portfw -f
> ipmasqadm portfw -a -P tcp -L $PUBLICIP 53 -R $LOCALIP 53

Don't forget that DNS queries are UDP not TCP. But you still need TCP for
zone transfers (if really want and need them).

Greetings,

Stefan


< Previous Next >
References