Date: Thu, 19 Mar 2015 15:10:13 +0000
From: Matthew Seaman <matthew@freebsd.org>
To: freebsd-questions@freebsd.org
Subject: Re: public network traffic to my ip address port 53
Message-ID: <550AE6D5.3000109@freebsd.org>
In-Reply-To: <550AE2A7.3010903@gmail.com>
References: <550AE2A7.3010903@gmail.com>

On 03/19/15 14:52, Ernie Luzar wrote:
> In my firewall log I see thousands of udp packets from ip addresses all
> over the world trying to access my freebsd gateway server on port 53.
> Right now I am blocking them and see no negative effects.
> Is there any valid reason to allow these unsolicited inbound packets
> access to my system on port 53?

This is DNS traffic. There's no need to allow people from outside to connect into your systems unless you're running an authoritative DNS server, but you should be aware that most of the DNS traffic you see will probably have originated from your own systems, and you are seeing the responses to queries your users have made. This will frequently involve servers not obviously related to the addresses you're looking up, as your systems try and find the right authoritative servers.

Note that while DNS is (mostly) a UDP protocol, and UDP is stateless, so all you can see are packets going in various directions and no established connections, any stateful firewall such as pf or ipfw will allow you to permit outgoing queries only, by using stateful firewall rules.

Cheers,

Matthew
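
The stateful approach described in the reply above, as an added pf.conf fragment that is not part of the original message or of anyone's actual ruleset. The interface name em0 is an assumption, and the rules cover a gateway that only sends DNS queries and does not run an authoritative server.

```conf
# /etc/pf.conf fragment (added example; em0 is an assumed interface name)
ext_if = "em0"

# --- Stateless filtering, shown commented out for comparison only ---
# Without state, replies can only be admitted by matching on source port 53,
# which admits ANY inbound UDP packet that claims source port 53:
#
#   pass out on $ext_if proto udp from any to any port 53 no state
#   pass in  on $ext_if proto udp from any port 53 to any no state

# --- Stateful filtering ---
# Drop and log unsolicited inbound packets addressed to port 53.
# No "pass in ... port 53" rule exists because this host is not an
# authoritative DNS server.
block in log on $ext_if proto { udp, tcp } from any to any port 53

# Allow outgoing queries. "keep state" records each query's addresses and
# ports; only a reply matching that state entry is let back in, and the
# entry expires after the UDP timeout. TCP is included because DNS falls
# back to TCP for large responses.
pass out on $ext_if proto { udp, tcp } from any to any port 53 keep state

# Check syntax without loading:   pfctl -nf /etc/pf.conf
# Show live state entries:        pfctl -s state
# Watch the blocked packets:      tcpdump -n -e -i pflog0 port 53
```

With pf's last-match evaluation, an inbound reply is admitted by its state entry before the block rule is consulted, so replies to the gateway's own queries are unaffected.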