On Thu, 02 Mar 2006 17:06:50 -0800 Tracy R Reed <[EMAIL PROTECTED]> wrote:
> Dovber Shapiro wrote:
> > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
> > -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
> >
> > but nmap says:
> >
> > 22/tcp open ssh
> > 53/tcp closed domain
>
> Make sure you open both tcp and udp port 53 since dns uses both. I am
> not very familiar with the lokkit service (I usually use shorewall if a
> box needs to be a firewall) but is there some service you have to
> restart in order to make those lines from /etc/sysconfig/iptables go
> into effect?

Thanks, it turned out to be because of udp. It seems that lokkit is the same tool as redhat-config-securitylevel, and on the line where it said "other ports" instead of entering "53" I had to enter "53:tcp 53:udp"

> --
> Tracy R Reed
> http://copilotconsulting.com
> 1-877-MY-COPILOT
>
> --
> [email protected]
> http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
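
As an added example (not part of the original thread): a shell check that reads rules in the /etc/sysconfig/iptables format on stdin and reports which of tcp and udp have no ACCEPT rule for a given port. The function names `missing_protos` and `sample_rules` are hypothetical, and the check is textual only: it ignores chain order and any earlier REJECT or DROP rule.

```shell
#!/bin/sh
# Added example, not from the thread. Textual audit of iptables-save style
# rules: which protocols have no ACCEPT rule covering a destination port?

# missing_protos PORT  (rules on stdin) -> prints "tcp", "udp", "tcp udp" or ""
missing_protos() {
    awk -v port="$1" '
        $1 != "-A" { next }          # skip comments, table headers, COMMIT
        {
            proto = ""; dport = ""; target = ""
            for (i = 2; i < NF; i++) {
                if ($i == "-p" || $i == "--protocol") proto = $(i + 1)
                else if ($i == "--dport" || $i == "--destination-port") dport = $(i + 1)
                else if ($i == "-j" || $i == "--jump") target = $(i + 1)
            }
            if (target == "ACCEPT" && covers(dport, port)) seen[proto] = 1
        }
        # True when a --dport value (single port or lo:hi range) includes p.
        function covers(spec, p,    r, n, lo, hi) {
            if (spec == "") return 0
            n = split(spec, r, ":")
            if (n == 1) return (r[1] + 0 == p + 0)
            lo = (r[1] == "") ? 0 : r[1] + 0
            hi = (r[2] == "") ? 65535 : r[2] + 0
            return (p + 0 >= lo && p + 0 <= hi)
        }
        END {
            out = ""
            if (!("tcp" in seen)) out = "tcp"
            if (!("udp" in seen)) out = (out == "" ? "udp" : out " udp")
            print out
        }
    '
}

# The two rules quoted in the thread, used here as sample input.
sample_rules() {
    cat <<'EOF'
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
EOF
}

echo "port 53 has no ACCEPT rule for: $(sample_rules | missing_protos 53)"
```

On a live host the same function can be fed the real file, for example `missing_protos 53 < /etc/sysconfig/iptables`.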
