DNS w/o disabling firewall & selinux
Posted: Sat May 23, 2009 10:54 pm
On master, along w/ opening udp port 53, open tcp port 53 for zone transfer.
In slave's named.conf, locate zone transfer to slaves directory. SELinux only allows named to write to the data and slaves directory.
Ex.
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
zone "rivendell" {
    type slave;
    file "slaves/db.rivendell";
    masters { 192.168.2.107; };
};
Seems to work,
-Wes
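An added example, not part of the original post: a shell check that lists slave zones in a named.conf whose file path is outside slaves/ and data/, the directories the post says SELinux lets named write to. The function names, the extra zones and the temp file are constructed for illustration, and paths are assumed to be relative to named's working directory as in the post.

```shell
#!/bin/sh
# Added example (not from the original post). Reports slave zones whose
# "file" path is outside slaves/ and data/, the two directories the post
# says SELinux lets named write to. Assumes paths relative to the named
# working directory, as in the post; /* */ comments are not handled.
check_slave_zone_files() {   # $1 = named.conf path; exit status 1 if any hit
    awk '
        { sub(/(#|\/\/).*/, "") }                    # drop # and // comments
        depth == 0 && /^[ \t]*zone[ \t]+"/ {         # start of a zone block
            split($0, q, "\""); zone = q[2]; type = ""; file = ""; inzone = 1
        }
        inzone && /type[ \t]+(slave|secondary)[ \t]*;/ { type = "slave" }
        inzone && /(^|[ \t;{])file[ \t]+"/ {
            file = $0; sub(/.*file[ \t]+"/, "", file); sub(/".*/, "", file)
        }
        {
            o = gsub(/[{]/, "{"); c = gsub(/[}]/, "}"); depth += o - c
            if (inzone && o > 0) opened = 1
            if (inzone && opened && depth == 0) {    # zone block just closed
                if (type == "slave" && file != "" && file !~ /^(slaves|data)\//) {
                    printf "%s\t%s\n", zone, file; bad = 1
                }
                inzone = 0; opened = 0
            }
        }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

sample_conf() {   # constructed input: the zone from the post plus a bad one
    cat <<'EOF'
zone "rivendell" {
    type slave;
    file "slaves/db.rivendell";
    masters { 192.168.2.107; };
};
zone "mordor" {
    type slave;
    file "db.mordor";   // would be written to the named directory itself
    masters { 192.168.2.107; };
};
zone "shire" { type master; file "db.shire"; };
EOF
}

conf=$(mktemp)
sample_conf > "$conf"
check_slave_zone_files "$conf" || echo "slave zone file outside slaves/ or data/" >&2
rm -f "$conf"
```

Each reported line is the zone name and its file path, separated by a tab; slave zones with no file statement are skipped because named has nothing to write for them.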