bind 9.2 firewall conf

Mark Damrose mdamrose at elgin.cc.il.us
Fri Mar 15 13:22:56 UTC 2002


"Evan" <bcaresearch at qc.aibn.com> wrote in message
news:a6qufn$370 at pub3.rc.vix.com...
> Is this a good conf for ipchains for a bind server?
>

You'll get much better answers if you give some more info.

Explain what the BIND server is for - recursive server for internal clients,
authoritative server for domains you host, or both.

Is eth0 an inside interface or an outside interface (hint: you allow anything
from anywhere on eth0)?

news:comp.os.linux.security might be a better place to ask.

> :input ACCEPT
> :forward ACCEPT
> :output ACCEPT
> -A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 -i lo -j ACCEPT
> -A input -s 0/0 -d 0/0 -i eth0 -j ACCEPT
> -A input -s 205.205.218.5 53 -d 0/0 -p udp -j ACCEPT
> -A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
> -A input -s 0/0 -d 0/0 -p udp -j REJECT
>
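
Added example, not part of either poster's message: a first-match evaluator for the quoted input chain, showing which rule decides a packet depending on the interface it arrives on. Assumptions: addresses are matched only as 0/0 or one exact host, eth1 is a hypothetical second interface, and the sample packets (198.51.100.7, 192.0.2.1, port 40000) are constructed.

```python
# Constructed copy of the input chain quoted in the message above.
RULES = """\
:input ACCEPT
-A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -s 0/0 -d 0/0 -i eth0 -j ACCEPT
-A input -s 205.205.218.5 53 -d 0/0 -p udp -j ACCEPT
-A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
-A input -s 0/0 -d 0/0 -p udp -j REJECT
"""

FIELDS = {"-s": "src", "-d": "dst", "-p": "proto", "-i": "iface",
          "-sport": "sport", "-dport": "dport"}

def parse(text):
    policy, rules = "ACCEPT", []
    for tok in (line.split() for line in text.splitlines()):
        if tok[:1] == [":input"]:
            policy = tok[1]
        elif tok[:2] == ["-A", "input"]:
            rule = {"syn": "-y" in tok}        # -y: SYN-only TCP packets
            tok, i = [t for t in tok if t != "-y"], 2
            while i < len(tok):
                opt, rule[tok[i]] = tok[i], tok[i + 1]
                i += 2                         # an optional port may follow -s/-d
                if opt in ("-s", "-d") and i < len(tok) and tok[i].isdigit():
                    rule[opt + "port"], i = int(tok[i]), i + 1
            rules.append(rule)
    return policy, rules

def matches(rule, pkt):
    # Assumption: an address is 0/0 (any) or one exact host, as in the post.
    return (not rule["syn"] or pkt["syn"]) and all(
        rule[opt] in ("0/0", pkt[f]) for opt, f in FIELDS.items() if opt in rule)

def verdict(pkt, text=RULES):
    policy, rules = parse(text)
    for n, rule in enumerate(rules, 1):        # first matching rule wins
        if matches(rule, pkt):
            return rule["-j"], n
    return policy, 0                           # fell through to the chain policy

def packet(iface, proto, dport, src="198.51.100.7", sport=40000, syn=False):
    return dict(iface=iface, proto=proto, src=src, dst="192.0.2.1",  # constructed
                sport=sport, dport=dport, syn=syn)

if __name__ == "__main__":
    for p in (packet("eth0", "udp", 53), packet("eth1", "udp", 53)):
        print(p["iface"], p["proto"], p["dport"], "->", verdict(p))
```

A DNS query arriving on eth0 is accepted by rule 4 before any later rule is consulted, while the same query on another interface reaches the final udp REJECT, which is why the role of eth0 and of the server decides whether this chain does what was intended.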



