PORT 53 is closed, can't open it

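I have a CentOS cloud server. I have configured a name service on the server, but I cannot access it from outside. Can you help me? What am I doing wrong?

If I run it from the server, it works perfectly: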

# dig @74.208.73.61 paisgdl.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6_6.2 <<>> @74.208.73.61 paisgdl.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49672
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;paisgdl.com.                   IN      A

;; ANSWER SECTION:
paisgdl.com.            86400   IN      A       74.208.73.61

;; AUTHORITY SECTION:
paisgdl.com.            86400   IN      NS      ns.paisgdl.com.

;; ADDITIONAL SECTION:
ns.paisgdl.com.         86400   IN      A       74.208.73.61

;; Query time: 0 msec
;; SERVER: 74.208.73.61#53(74.208.73.61)
;; WHEN: Thu Mar 26 14:40:04 2015
;; MSG SIZE  rcvd: 78

If I do the same from outside, it doesn't work:

# dig @74.208.73.61 paisgdl.com

; <<>> DiG 9.3.3rc2 <<>> @74.208.73.61 paisgdl.com
; (1 server found)
;; global options:  printcmd
;; connection timed out; no servers could be reached

I tried to open the port with IPTABLES, but it doesn't work:

# service iptables status

Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443
8    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8443
9    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8447
10   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
11   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
13   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Netstat reports:

# netstat -tanpl|grep named
tcp        0      0 74.208.73.61:53             0.0.0.0:*                   LISTEN      4026/named
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      4026/named
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      4026/named
tcp        0      0 :::53                       :::*                        LISTEN      4026/named

The page http://www.yougetsignal.com/tools/open-ports/ says:

Closed Port 53 is closed on 74.208.73.61

Any ideas? Where is it blocked, and how do I unblock it?

Part of your iptables configuration:

10   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
11   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
13   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53

Your named rules appear after the reject-all rule, so they are never evaluated. Reorder them as:

10   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
11   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
12   ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
13   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
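
A check for the ordering problem described in the answer above, added here as an example and not part of the original post. The function names are made up for illustration, and the rule set is a constructed `iptables -S` rendering of the question's listing that assumes rule 3 is the stock loopback rule.

```shell
#!/bin/sh
# Added example. iptables stops at the first terminal rule that matches, so
# rules listed after a catch-all REJECT/DROP are never evaluated.

# find_shadowed: read `iptables -S INPUT` style lines on stdin and print
# "<position> <rule>" for each rule after the first catch-all REJECT/DROP.
# Returns 1 if any such rule exists, 0 otherwise.
find_shadowed() {
    awk '
        /^-A INPUT / {
            n++
            if (blocker) { print n, $0; found = 1; next }
            # Catch-all: no match options between the chain name and -j.
            if ($0 ~ /^-A INPUT -j (REJECT|DROP)( |$)/) blocker = n
        }
        END { exit (found ? 1 : 0) }
    '
}

# Constructed sample: the question's INPUT chain in `iptables -S` form.
# Assumption: rule 3 is the stock loopback rule (-i lo).
question_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8447 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 53 -j ACCEPT
EOF
}

# The answer's ordering: same rules with the catch-all REJECT moved last.
answer_rules() {
    question_rules | awk '/-j REJECT/ { r = $0; next } { print } END { print r }'
}

echo "Question's order, shadowed rules:"
question_rules | find_shadowed || true
echo "Answer's order, shadowed rules:"
answer_rules | find_shadowed && echo "(none)"
```

On a live host the same check runs as `iptables -S INPUT | find_shadowed`; the `-S` form is used because the plain numbered listing does not show interface matches such as `-i lo`.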