On Thu, Aug 09, 2007 at 10:42:30PM +0200, thomas polnik wrote:
> > You may want to try without the firewall.
>
> without iptables is perhaps a bad idea :), but I will change it to
> iptables -I INPUT 1 -p udp --dport 53 -j ACCEPT
> iptables -I INPUT 2 -p tcp --dport 53 -j ACCEPT

This is wrong - you need to accept packets *coming* from port 53 for answers as well. Otherwise PowerDNS can't receive answers to the questions it is sending out!

The trick is to rely on stateful iptables filtering.

Good luck!

--
http://www.PowerDNS.com      Open source, database driven DNS Software
http://netherlabs.nl         Open and Closed source services
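
The failure described in the reply above, as an added example that is not part of the original message: a simplified Python model of the INPUT chain showing why the two `--dport 53` rules drop answers to outgoing queries, and how a stateless `--sport 53` rule differs from a stateful `-m state --state ESTABLISHED` rule. The default DROP policy, the open OUTPUT chain, the addresses (documentation ranges) and the ports 40000, 5555 and 8080 are assumptions.

```python
from collections import namedtuple

# Constructed packets for illustration; not captured traffic.
Packet = namedtuple("Packet", "proto src sport dst dport")

def match(rule, pkt, tracked):
    """True if one simplified INPUT rule matches the packet."""
    if rule.get("state") == "ESTABLISHED":
        # Connection tracking: the packet mirrors a flow this host originated.
        return (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in tracked
    return all(getattr(pkt, key) == value for key, value in rule.items())

def input_verdict(rules, pkt, tracked=frozenset()):
    """Any matching rule accepts; otherwise the assumed DROP policy applies."""
    return "ACCEPT" if any(match(r, pkt, tracked) for r in rules) else "DROP"

# The two rules from the quoted message: -p udp/tcp --dport 53 -j ACCEPT
DPORT_ONLY = [{"proto": "udp", "dport": 53}, {"proto": "tcp", "dport": 53}]
# Stateless variant: additionally -p udp --sport 53 -j ACCEPT
WITH_SPORT = DPORT_ONLY + [{"proto": "udp", "sport": 53}]
# Stateful variant: additionally -m state --state ESTABLISHED -j ACCEPT
STATEFUL = DPORT_ONLY + [{"state": "ESTABLISHED"}]

SERVER, UPSTREAM, OTHER = "192.0.2.10", "198.51.100.53", "203.0.113.7"

def scenario():
    """Run three inbound packets through each ruleset and return the verdicts."""
    # The server sends a query upstream; conntrack records the outgoing flow.
    query = Packet("udp", SERVER, 40000, UPSTREAM, 53)
    tracked = {(query.proto, query.src, query.sport, query.dst, query.dport)}
    inbound = {
        "client": Packet("udp", OTHER, 5555, SERVER, 53),        # query to us
        "reply": Packet("udp", UPSTREAM, 53, SERVER, 40000),     # answer to our query
        "unsolicited": Packet("udp", OTHER, 53, SERVER, 8080),   # sport 53, no flow
    }
    rulesets = {"dport_only": DPORT_ONLY, "with_sport": WITH_SPORT,
                "stateful": STATEFUL}
    return {name: {label: input_verdict(rules, pkt, tracked)
                   for label, pkt in inbound.items()}
            for name, rules in rulesets.items()}

if __name__ == "__main__":
    for name, verdicts in scenario().items():
        print(name, verdicts)
```

Only the stateful ruleset accepts the reply while still dropping a packet that merely uses source port 53 without a matching outgoing query.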