[Pdns-users] pdns error sendto

[Bart Smit]

Liong Kok Foo wrote:

> What other iptables firewall you guys
> are using for CentOS? I used APF because it is something easy to
> configure and it was working fine years ago when I started using it.

Personally I wouldn't put a DNS server behind any stateful firewall at
all. Validating DNS reply packets is a rather specialized task requiring
deep protocol understanding, and is best carried out by the name server
itself. A dumb (stateless) packet filter is what you really want.

Bart