TCP 53 is for zone transfers, UDP 53 is for lookups. The originator of
either request will be coming from an unspecified port above 1024.
--
Jack Coates, Rainfinity SE
t: 650-962-5301 m: 650-280-4376
On Sun, 16 Jul 2000 [EMAIL PROTECTED] wrote:
>
>
> Hi,
>
> I have set up a couple of DNS servers for our internal network but do not
> want them visible to the outside world. I couldn't get the DNS servers to do
> any queries to the outside world unless they had an IP address that was a NAT
> and had an external address.
>
> Now that I have set them up with NAT addresses the DNS queries run fine but
> the DNS servers are also visible from the outside world. How do I either
> block the DNS lookups from the internet or get a DNS server to run on an
> address with no NAT?
>
> I have not found a rule to do this and have not been able to get FW1 to log
> any of the DNS traffic.
>
> I'm sure this is easy and I'm being rather thick but I would appreciate any
> tips.
>
> Thanks.
>
> Jim.
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
>