арод помогите на серваке установлен bind без включеного фарвола iptables зоны резолвяться нормально кактолько включаю iptables коннект к серваку проходит но на резолв имен пишет таймаут вот конфиг . подскажите плиз в чем ошибка? komplexb:~ # iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp flags:ACK/ACK ACCEPT tcp -- anywhere anywhere tcp multiport dports ftp-data,ftp,smtp,ni-ftp,domain,http,pop3,ident,imap,https,pptp ACCEPT tcp -- 213.221.6.0/24 anywhere tcp multiport dports ssh,44337,ndmp,mysql ACCEPT tcp -- 10.111.0.0/16 anywhere tcp multiport dports ssh,44337,ndmp,mysql ACCEPT udp -- anywhere anywhere udp spt:domain dpts:1024:65535 ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpts:1024:iad1Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination DROP tcp -- anywhere !10.111.0.0/16 tcp dpt:ftp ACCEPT tcp -- anywhere komplexb.butovonet.ru tcp dpt:http ACCEPT tcp -- anywhere nai-update.kerio.com tcp dpt:http DROP tcp -- anywhere anywhere tcp dpt:http DROP tcp -- anywhere anywhere tcp dpt:30375
|