Hello to all,

I have a small problem.
I would like to reassure two DNS machines (a primary and a secondary) with iptables

By default I block everything, but even with rules for the port 53, it blocks the queries needing to resolve via the primary, and the secondary does not manage to transfer the zones of the primary

DNS are on public ip, but to simplify, we are going to say that:

The primary DNS is:
The secondary DNS is:

Here are iptables rules(sliders) which I have at present:

iptables -F
iptables -t nat -F
iptables -t mangle -F
iptables -X
iptables -t nat -X
iptables -t mangle -X

iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

iptables -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -A INPUT -p udp --dport 53 -j ACCEPT

iptables -A INPUT -i lo --source --destination -j ACCEPT

Thus with these rules, I have quite a lot of problems (resolutions, transfersof zones)
I found these rules on a forum, that seems to be interesting but as I do not know there not iptable, I ignore if it is what I miss or not.
For information here is all the same what I found (not tested):

#iptables -A INPUT -p tcp -s --sport 1024:65535 -d -dport 53 -m state state NEW,ESTABLISHED -j ACCEPT
#iptables -A OUTPUT -p tcp -s --sport 53:65535 -d -dport 1024:65535 -m state state ESTABLISHED -j ACCEPT
If somebody can help me

Thank you

PS: server are under Linux Mandrake