Block all incoming DNS requests EXCEPT from IPs x,y,

domain-name-system iptables tcp udp

Solution 1:

This is very simple with iptables:

I'll assume your INPUT chain has no default DROP rule at the end, or you'll have to work around that:

# Allow DNS (53) from <source IP>
iptables -A INPUT -p udp --dport 53 -s <source IP> -j ACCEPT
iptables -A INPUT -p tcp --dport 53 -s <source IP> -j ACCEPT

# Deny all other DNS requests
iptables -A INPUT -p udp --dport 53 -j DROP
iptables -A INPUT -p tcp --dport 53 -j DROP

Simply remove the two bottom rules if you have a default DROP policy. If you have a default DROP rule at the bottom of your chain, you'll have to insert (-I rulenum) these rules above that rule.

Related

How does an administrator generalize alerting when an event doesn't happen?
Does a PTR record prove anything about the sender's email domain?
Log Analyzer for Apache [closed]
yum update entire release but limit to a prior version
"No buffer space available" on connect
mod_wsgi "Call to 'site.addsitedir()' failed" on AWS Elastic Beanstalk Python 3.6 platform
dead man's switch for remote networking interventions on Linux
Upgrading from 100BASE-FX to 1000BASE-SX fiber?
What's a good tool for collecting statistics on filesystem usage? [closed]
Absolute minimal Linux install?
haproxy multihost with ssl acl
Cheap way to detect client round trip times for http