Server resolution in iptables script?

***sweet_angel*** · April 22nd, 2003, 12:35 PM

Originally posted here by IchNiSan

To use your script,

# Define servers
NAMESERVER="insert.ip.here"
MAILSERVER="my.mail.server"
NEWSSERVER="my.news.server"

# Permit Outbound DNS
$IPT -A udp_outbound -p UDP -s $LOCAL_IFACE\
-d $NAMESERVER --destination-port 53 -j ACCEPT
# Permit Outbound SMTP
$IPT -A tcp_outbound -p TCP -s $LOCAL_IFACE\
-d $MAILSERVER --destination-port 25 -j ACCEPT
# Permit Outbound NNTP
$IPT -A tcp_outbound -p TCP -s $LOCAL_IFACE\
-d $NEWSSERVER --destination-port 119 -j ACCEPT

[/B]

I think IchNiSan got it right and how about add TCP too for DNS:

Code:

# Define servers
NAMESERVER="insert.ip.here"
MAILSERVER="my.mail.server"
NEWSSERVER="my.news.server"

# Permit Outbound DNS
$IPT -A tcp_outbound -p TCP -s $LOCAL_IFACE\
 -d $NAMESERVER --destination-port 53 -j ACCEPT
$IPT -A udp_outbound -p UDP -s $LOCAL_IFACE\
 -d $NAMESERVER --destination-port 53 -j ACCEPT
# Permit Outbound SMTP
$IPT -A tcp_outbound -p TCP -s $LOCAL_IFACE\
 -d $MAILSERVER --destination-port 25 -j ACCEPT
# Permit Outbound NNTP
$IPT -A tcp_outbound -p TCP -s $LOCAL_IFACE\
 -d $NEWSSERVER --destination-port 119 -j ACCEPT

Hope that script works

Annya

Thread: Server resolution in iptables script?

Thread Tools

Display

Threaded View

Posting Permissions