> named.conf { query-source port 53; } .. what else did I forget to do here so
> that when I can run the DNS server with firewall on it... can someone show
> me the door thru it.. thanks...
In order to let a DNS work you have to:
- allow it to send packets to port 53 on UDP and TCP to other DNS servers.
- allow it to receive requests on port 53 on UDP and TCP from hosts and
other DNS servers.
Also, I recommend upgrading to 9.2.1 (9.2 contains a bug that allows
someone to down your named) and use ACLs in named.conf, to specify who
is allowed to request a zone transfer, normal requests and who is not
allowed anything at all.
Regards,
Maciej Soltysiak
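
A sketch of the named.conf ACL layout the reply describes, added here as an illustration and not part of the original message. The ACL names, the zone name and file, and all addresses (taken from the documentation ranges) are assumptions to be replaced with local values.

```conf
// Added example: every address, ACL name and zone name below is constructed.
acl "internal"    { 127.0.0.1; 192.0.2.0/24; };  // assumed: hosts allowed normal requests
acl "secondaries" { 198.51.100.53; };            // assumed: the only secondary server
acl "denied"      { 203.0.113.0/24; };           // assumed: sources allowed nothing at all

options {
    // From the original question: outbound queries leave from port 53,
    // so the firewall only has to pass port 53 in both directions.
    query-source port 53;

    blackhole      { "denied"; };    // never answer, never query these sources
    allow-query    { "internal"; };  // default: normal requests from internal hosts only
    allow-transfer { none; };        // default: no zone transfers unless a zone overrides
};

zone "example.com" {
    type master;
    file "example.com.zone";
    allow-query    { any; };            // authoritative data is answered for everyone
    allow-transfer { "secondaries"; };  // zone transfers only to the listed secondary
};
```

Running `named-checkconf` against the file catches syntax errors before named is reloaded.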