root@server1:/etc/bind# netstat -tap | grep named
tcp 0 0 localhost:953 *:* LISTEN 14323/named
tcp 0 0 server1.dynainte:domain *:* LISTEN 14323/named
tcp 0 0 localhost:domain *:* LISTEN 14323/named
tcp6 0 0 localhost:953 [::]:* LISTEN 14323/named
tcp6 0 0 [::]:domain [::]:* LISTEN 14323/named
root@server1:/etc/bind# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-courierimaps tcp -- anywhere anywhere multipo rt dports imaps
fail2ban-sasl tcp -- anywhere anywhere multiport dport s smtp
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
fail2ban-pureftpd tcp -- anywhere anywhere multiport d ports ftp
fail2ban-courierpop3s tcp -- anywhere anywhere multipo rt dports pop3s
fail2ban-courierpop3 tcp -- anywhere anywhere multipor t dports pop3
fail2ban-courierimap tcp -- anywhere anywhere multipor t dports imap2
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-courierimap (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-courierimaps (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-courierpop3 (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-courierpop3s (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-pureftpd (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-sasl (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
root@server1:/etc/bind#
Also noted..
http://www.geektools.com/digtool.php
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 6 < if i use ns1.abc123.com
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6 < if i use the ip of the server.
Not sure if that matters or not.