Jake Colman wrote:
> I have a straightforward question for one and all. Let's assume I have a
> working masq setup with a set of firewall rules and that my internal machines
> are successfully able to access the internet from behind my masqed server. I
> want to set up a caching nameserver to resolve addresses for my internal
> network. The nameserver will resolve my internal machine names with their
> internal IP addresses (private Class C addresses) and will forward and cache
> all queries to the external world. What changes must be made to the
> named.conf file to allow this to work? I am not asking this as a DNS
> question. I am pretty sure that certain parameters must be set specifically
> because I have a masq server with a strong set of firewall rules.
>
> Thanks for your help!
>
> ...Jake
>
> --
> Jake Colman
>
> Principia Partners LLC          Phone: (201) 946-0300
> Harborside Financial Center     Fax: (201) 946-0320
> 902 Plaza Two                   E-mail: [EMAIL PROTECTED]
> Jersey City, NJ 07311           www.principiapartners.com

i'd recommend telling your name server to use port 53 as the source
port for its queries. see http://fwup.org/firewall.policy for details.
this allows you to maintain a strong ruleset since incoming udp packets
need only be allowed to port 53. by default, recent name servers use
ephemeral ports.

raf
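A named.conf for the setup discussed in this thread, added here as an example and not taken from either poster or from the linked policy document. The network range, forwarder addresses, zone name and file names are constructed placeholders; the syntax is that of BIND 8/9 of the period.

```conf
// Added example: caching, forwarding name server on a masq gateway.
// Every address, zone name and file name below is a constructed placeholder.

acl internal { 127.0.0.1; 192.168.1.0/24; };    // assumed private Class C LAN

options {
    directory "/var/named";

    // Send outgoing queries from UDP port 53 instead of an ephemeral port,
    // so the packet filter only needs to accept inbound UDP replies to port 53.
    query-source address * port 53;

    // Forward anything we are not authoritative for and cache the answers;
    // "forward first" falls back to normal resolution if the forwarders fail.
    forward first;
    forwarders { 192.0.2.53; 192.0.2.54; };     // placeholder upstream resolvers

    // Listen only on loopback and the internal interface, and answer
    // (and recurse for) internal clients only.
    listen-on       { 127.0.0.1; 192.168.1.1; };  // assumed internal address
    allow-query     { internal; };
    allow-recursion { internal; };
};

// Root hints, used when the forwarders do not answer.
zone "." { type hint; file "named.ca"; };

// Internal names mapped to private addresses (placeholder domain).
zone "home.lan" {
    type master;
    file "db.home.lan";
    allow-transfer { none; };
};

// Reverse zone for the same private range.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "db.192.168.1";
    allow-transfer { none; };
};
```

Pinning the source port gives up source-port randomization, which resolvers rely on to make spoofed replies harder to land; a stateful filter that matches replies to outgoing queries keeps the ruleset tight without the fixed port.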
