[lug] logger entry for punching hole for nameserver
Nate Duehr
nate at natetech.com
Wed Apr 25 22:32:44 MDT 2001
On Mon, Apr 23, 2001 at 10:35:00PM -0500, charles at lunarmedia.net wrote:
> logger: punching nameserver 207.229.143.2 through the firewall
>
> i just recently built a box that acts as firewall of sorts/nat. it
> receives its public address via dhcp from my cable modem provider.
> is this log entry normal? why exactly is a "hole" being punched through
> the firewall?
> i have a default outbound policy set to ALLOW and my inbound are strict,
> but still allow for packets with a source of tcp/udp 53.
>
> thanks -charles
Modern nameservers use high ports for their recursive queries to other
nameservers, not sure if that's what this is referring to...?
BIND no longer specifically uses port 53 for queries to the roots and
other nameservers unless you force it to with the "query-source-address"
statement in the options.
It actually hasn't used 53 for queries for a number of versions now...
Perhaps something in your config recognizes that you have BIND installed
and adjusts the firewall accordingly?
--
Nate Duehr <nate at natetech.com>
GPG Key fingerprint = DCAF 2B9D CC9B 96FA 7A6D AAF4 2D61 77C5 7ECE C1D2
Public Key available upon request, or at wwwkeys.pgp.net and others.
More information about the LUG
mailing list