Question about port for NSLOOKUP
Barry Margolin
barmar at genuity.net
Mon Apr 24 23:14:13 UTC 2000
In article <025501bfae3d$98abd7a0$093e0ad1 at comcity.com>,
hostmaster <Hostmaster at comcity.com> wrote:
>How can I make this work if its dynamically assigned? There must be someway
>I can block ports but still be able to use NSLOOKUP.
Nope. This is the normal way that UDP-based applications work -- they send
*to* a well-known port, but the requests come *from* a dynamic port.
You could configure your filters to only allow packets to high-numbered
ports if they're from your nameserver.
--
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
More information about the bind-users
mailing list