fosiul01
asked on
telnet to 53
Hi, I have configured my server as a DNS server.
Now I have changed the other PCs to look at the DNS server by editing /etc/resolv.conf.
Everything is fine; the internal PCs can resolve anything via my DNS server.
But one thing is weird.
If I try to telnet to port 53 of my server, it says connection refused.
Now I have added a rule to allow any connection to come to port 53 [hence, all internal PCs can resolve any IP via my DNS server], but still, if I try to telnet to the DNS server, it will not work.
Now: if I flush iptables, then it allows telnet. So it's an iptables issue.
But I don't understand: I have opened port 53, so why am I still not able to telnet to port 53?
I have attached my iptables -L here [you will see in the second-to-last line that I have added traffic to allow port 53]
[root@workshop setroubleshoot]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:nfs
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ASKER
Hellooooooooooo boSS
After a long time!! I emailed you so many times about "how are you". OK, no problem.
I added the rule as UDP.
I did not think I needed to add TCP as well.
Shall I add TCP??
[root@workshop setroubleshoot]# netstat -an | grep :53
tcp 0 0 192.168.2.116:53 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:53 0.0.0.0:*
udp 0 0 192.168.2.116:53 0.0.0.0:*
udp 0 0 127.0.0.1:53 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 :::53 :::*
udp 0 0 :::5353 :::*
ASKER CERTIFIED SOLUTION
ASKER
hahahaah yap done
I have added TCP and it's able to telnet.
But adding TCP is not mandatory, right??
What's the relation between telnet to 53 and TCP??
SOLUTION
As @Tintin said, UDP is stateless, i.e. you cannot establish a 3-way handshake and have a telnet connection.
netstat -an | grep :53
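Added example, not part of the original thread: telnet opens a TCP connection, so a rule that accepts only UDP on port 53 never matches it and the packet falls through to the final REJECT. The script below walks a rule list in iptables-save format and reports which rule a new packet hits first; the sample rules are constructed to mirror the chain in the question, and the helper name first_verdict is hypothetical.

```shell
#!/bin/sh
# Constructed sample in iptables-save format, modelled on the chain in the
# question: port 53 is accepted for UDP only, then everything else is rejected.
sample_rules() {
cat <<'EOF'
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

# first_verdict PROTO PORT (hypothetical helper): read iptables-save rules on
# stdin and print the target of the first rule that a NEW packet arriving from
# the LAN would match. Port ranges and multiport matches are not handled.
first_verdict() {
  awk -v proto="$1" -v port="$2" '
    $1 != "-A" { next }
    {
      p = "all"; dport = ""; state = ""; iface = ""; target = ""
      for (i = 3; i < NF; i++) {
        if ($i == "-p") p = $(i + 1)
        else if ($i == "--dport") dport = $(i + 1)
        else if ($i == "--state") state = $(i + 1)
        else if ($i == "-i") iface = $(i + 1)
        else if ($i == "-j") target = $(i + 1)
      }
      if (iface == "lo") next                   # loopback-only rule
      if (state != "" && state !~ /NEW/) next   # matches established flows only
      if (p != "all" && p != proto) next        # other protocol
      if (dport != "" && dport != port) next    # other port
      print target; found = 1; exit
    }
    END { if (!found) print "POLICY" }
  '
}

# The rule that makes the telnet test succeed: same match as the UDP rule, with -p tcp.
TCP_RULE='-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT'

echo "udp/53: $(sample_rules | first_verdict udp 53)"
echo "tcp/53: $(sample_rules | first_verdict tcp 53)"
echo "tcp/53 with TCP rule first: $( { echo "$TCP_RULE"; sample_rules; } | first_verdict tcp 53)"
```

On a live host, pipe the output of iptables-save into first_verdict instead of the sample. DNS itself also uses TCP on port 53 for zone transfers and for answers too large for UDP, so the TCP rule matters beyond the telnet test.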