FC-5 iptables question

Peter Horst phorst at speakeasy.net
Tue Aug 1 03:41:01 UTC 2006


Sorry, kind of a dumb question.  I'm trying to open a port to allow DNS 
traffic (port 53, UDP and TCP).  I tried a quick nmap from outside my 
network, and though the tcp port shows up open, there's no reading from 
the udp port. How can I tell if I've opened the port correctly? Here's 
what I think is the relevant output from 'service iptables status' - 
does this look right?  Thanks much...

Chain RH-Firewall-1-INPUT (2 references)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
3    ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
5    ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
6    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53
8    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
9    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631
10   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
11   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25
13   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
14   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443
15   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
16   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
17   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
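
One way to check the UDP side of the question above, as an added example that is not part of the original post: send a real DNS query and classify what comes back, since a UDP port scan usually gets no reply from an open port unless the service itself answers. The function names, the query name example.com and the result labels are assumptions of this sketch, and the exception mapping in the comments describes typical Linux behaviour.

```python
import socket
import struct
import sys

def build_query(name, txid=0x1234):
    """Minimal DNS query: 12-byte header plus one A/IN question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def is_reply_to(query, data):
    """True if data is a DNS response (QR bit set) carrying the query's ID."""
    if len(data) < 12:
        return False
    flags = struct.unpack("!H", data[2:4])[0]
    return data[:2] == query[:2] and bool(flags & 0x8000)

def probe_udp(host, port=53, name="example.com", timeout=3.0, tries=2):
    """Send a DNS query over UDP and classify the outcome."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))  # connected socket: ICMP errors surface as exceptions
        for _ in range(tries):
            try:
                s.send(query)
                if is_reply_to(query, s.recv(4096)):
                    return "answered"      # firewall rule and name server both work
            except socket.timeout:
                continue                   # lost or silently dropped; try again
            except ConnectionRefusedError:
                return "port-unreachable"  # packet got through, nothing listening
            except OSError:
                return "rejected"          # e.g. icmp-host-prohibited from a REJECT rule
    return "no-reply"

if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: probe.py <server-address>")
    print(probe_udp(sys.argv[1]))
```

Run it from a host outside the network, as with the nmap scan; "answered" confirms both the UDP rule and the name server, while "no-reply" cannot distinguish a dropped packet from a server that did not respond.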
