This repository has been archived by the owner on Jun 20, 2024. It is now read-only.

offer guidance on how to make DNS work with firewalld #2208

Open
rade opened this issue Apr 25, 2016 · 1 comment

rade commented Apr 25, 2016

Typical firewalld installations have rules that prevent weaveDNS from working. As of #1349 we detect this and show a warning. But we provide no guidance on how to resolve the problem. Hence we regularly get queries from users - several in #1266 and also #2192 - and folks end up either disabling firewalld or removing the reject rule that breaks weaveDNS, making the firewall rather less effective in the process.

AFAICT, it should be possible to come up with some firewall-cmds that make weaveDNS work w/o disabling other rules.

owlab-exp commented Dec 27, 2016

This worked for me.

firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p tcp --dport 53 -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 53 -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -p tcp --dport 53 -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -p udp --dport 53 -j ACCEPT
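
The rules in the comment above accept port 53 from any interface and source. As an added example (not from the issue thread or the Weave project), this script lists direct rules for DNS that carry no interface or source match and prints an interface-scoped variant of each; the interface name `docker0`, the helper names and the sample rule list are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit firewalld direct rules for unscoped DNS ACCEPT entries.
# Live use: firewall-cmd --direct --get-all-rules | unscoped_dns_rules

# Constructed sample in the "family table chain priority args" layout.
# Lines 1-2 match rules from the comment; the others are made up for contrast.
SAMPLE_RULES='ipv4 filter INPUT 0 -p tcp --dport 53 -j ACCEPT
ipv4 filter INPUT 0 -p udp --dport 53 -j ACCEPT
ipv4 filter INPUT 0 -i docker0 -p udp --dport 53 -j ACCEPT
ipv4 filter FORWARD 0 -s 10.32.0.0/12 -p tcp --dport 53 -j ACCEPT
ipv4 filter INPUT 0 -p tcp --dport 22 -j ACCEPT'

# Print every rule on stdin that accepts port 53 with no interface/source match.
unscoped_dns_rules() {
    while IFS= read -r rule; do
        case " $rule " in
            *" --dport 53 "*) ;;        # only DNS rules
            *) continue ;;
        esac
        case " $rule " in
            *" -j ACCEPT "*) ;;         # only rules that open the port
            *) continue ;;
        esac
        case " $rule " in               # already limited: skip
            *" -i "*|*" --in-interface "*|*" -s "*|*" --source "*) continue ;;
        esac
        printf '%s\n' "$rule"
    done
}

# scoped_command IFACE FAMILY TABLE CHAIN PRIORITY ARGS...
# Emit (not run) the same rule restricted to one inbound interface.
scoped_command() {
    iface=$1 family=$2 table=$3 chain=$4 prio=$5
    shift 5
    printf 'firewall-cmd --direct --add-rule %s %s %s %s -i %s %s\n' \
        "$family" "$table" "$chain" "$prio" "$iface" "$*"
}

# Demo on the sample; "docker0" is an assumed bridge name, adjust per host.
printf '%s\n' "$SAMPLE_RULES" | unscoped_dns_rules | while IFS= read -r r; do
    printf 'unscoped: %s\n' "$r"
    # shellcheck disable=SC2086  # word splitting of $r is intentional
    printf '  scoped: %s\n' "$(scoped_command docker0 $r)"
done
```

Rules added with `firewall-cmd --direct --add-rule` apply to the runtime configuration only; add `--permanent` to the same command to keep them across reloads.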
