Safe to allow/ignore nameservers/DNS traffic in the firewall?

postcd

Hello,

i got nameserver block in /etc/resolv.conf

opennicproject.org

nameserver 50.116.23.211

nameserver 209.141.53.57

nameserver 50.116.40.226

nameserver 199.195.249.174

Google corp.

nameserver 8.8.8.8

nameserver 8.8.4.4

opendns.com by Cisco

nameserver 208.67.222.222

nameserver 208.67.220.220

Is it safe to allow,ignore any excessive traffic from these IPs in firewall?

Or how you would set IPtables?

tommy

keep them coming.

lowendhelpdesk

Ask everything

century1stop

iptables -F will fix 'em

Fusl

nameserver Name server IP address

Internet address of a name server that the resolver should query, either an IPv4 address (in dot notation), or an IPv6 address in colon (and possibly dot) notation as per RFC 2373. Up to MAXNS (currently 3, see <resolv.h>) name servers may be listed, one per keyword. If there are multiple servers, the resolver library queries them in the order listed. If no nameserver entries are present, the default is to use the name server on the local machine. (The algorithm used is to try a name server, and if the query times out, try the next, until out of name servers, then repeat trying all the name servers until a maximum number of retries are made.)

postcd

@Fusl you wanted to say that banning/whitelisting nameservers IPs in firewall canot help in any way?

PrincessOfCats

@postcd said:
@Fusl you wanted to say that banning/whitelisting nameservers IPs in firewall canot help in any way?

Up to 3 nameservers may be listed in resolv, the OP has waaaaay over that.