Thank you, this line seems to work like I expected.
Tom Eastep schreef op 21-8-2014 18:04:
On 8/21/2014 5:20 AM, Ruud Baart wrote:
I had a problem with our DNS servers. I turned out that the DNS servers
were very, very busy with rejecting answers. See discussion "Blocking
DNS cache queries". I assume DNSAmp is the formal incorporation of the
solution.
Please give the attached version a try -- any packet that it matches
will also be matched by your 'imperfect' version.
IPTABLES(@1) - - udp 53 ; -m u32 --u32
"0>>22&0x3C\@8&0xffff=0x0100 && 0>>22&0x3C\@12&0xffff0000=0x00010000"
Thanks,
-Tom
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Regards,
Ruud Baart
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
