I've been given a task to create a DNS server for a subdomain with a delegated DNS zone. I did test the zone file and, using the dig tool, I can confirm it is working when queried at localhost and at the IP of the server; however, when using dig via a global server, it fails to resolve and times out. My supervisor told me the issue appears to be with the iptables rules I added, but I cannot figure out what it might be. The following screenshot shows the packet that comes in when the server is accessed (I've hidden the IPs for security reasons, sorry): https://prnt.sc/f6sJxmTDirsP
The script lines below are the iptables rules that I am currently running (note the port 53 rules):
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [121:27920]
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p udp --sport 53 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
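To see why a lookup succeeds from localhost but not from the internet, here is an added example (my own code, not the poster's ruleset being fixed in place and not anything iptables ships): a minimal evaluator that walks the INPUT chain above in order with a constructed inbound DNS query. It models only the matches the posted rules actually use (-p, -i, --sport, --dport, -m state --state) and treats the conntrack state as a given attribute of the packet. The interface name eth0, the client port 41234 and the FIXED_RULESET variant (which swaps --sport 53 for --dport 53 and adds TCP 53, since DNS also runs over TCP) are my assumptions, not something from the question.

```python
"""Walk an iptables INPUT chain against a constructed packet (added example)."""
import shlex

# The ruleset from the question, verbatim (policy lines and COMMIT omitted).
RULESET = """\
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p udp --sport 53 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
"""

# Assumed fix: match the query's *destination* port and allow DNS over TCP too.
FIXED_RULESET = RULESET.replace(
    "-A INPUT -p udp --sport 53 -j ACCEPT",
    "-A INPUT -p udp -m udp --dport 53 -j ACCEPT\n"
    "-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT",
)

# Constructed packets. A resolver picks an ephemeral source port and sends to
# port 53; only the interface and the port numbers below are assumptions.
INTERNET_UDP_QUERY = {"proto": "udp", "iface": "eth0", "sport": 41234, "dport": 53, "state": "NEW"}
INTERNET_TCP_QUERY = {"proto": "tcp", "iface": "eth0", "sport": 41234, "dport": 53, "state": "NEW"}
LOOPBACK_UDP_QUERY = {"proto": "udp", "iface": "lo", "sport": 41234, "dport": 53, "state": "NEW"}


def parse_rule(line):
    """Turn one '-A CHAIN ...' line into a dict of match criteria plus target."""
    toks = shlex.split(line)
    rule = {"chain": None, "target": None}
    i = 0
    while i < len(toks):
        t = toks[i]
        if t == "-A":
            rule["chain"] = toks[i + 1]
        elif t == "-p":
            rule["proto"] = toks[i + 1]
        elif t == "-i":
            rule["iface"] = toks[i + 1]
        elif t == "--dport":
            rule["dport"] = int(toks[i + 1])
        elif t == "--sport":
            rule["sport"] = int(toks[i + 1])
        elif t == "--state":
            rule["state"] = set(toks[i + 1].split(","))
        elif t == "-j":
            rule["target"] = toks[i + 1]
        elif t in ("-m", "--reject-with"):
            pass  # module loaders and the reject type add no match criteria
        else:
            raise ValueError(f"unsupported token {t!r} in {line!r}")
        i += 2  # every supported token takes exactly one argument
    return rule


def matches(rule, pkt):
    """True when every criterion present in the rule agrees with the packet."""
    if "proto" in rule and rule["proto"] != pkt["proto"]:
        return False
    if "iface" in rule and rule["iface"] != pkt["iface"]:
        return False
    if "dport" in rule and rule["dport"] != pkt.get("dport"):
        return False
    if "sport" in rule and rule["sport"] != pkt.get("sport"):
        return False
    if "state" in rule and pkt["state"] not in rule["state"]:
        return False
    return True


def verdict(ruleset, pkt, chain="INPUT", policy="ACCEPT"):
    """Return (target, rule text) of the first matching rule, else the chain policy."""
    for line in ruleset.splitlines():
        rule = parse_rule(line)
        if rule["chain"] == chain and matches(rule, pkt):
            return rule["target"], line
    return policy, f"chain policy {policy}"


if __name__ == "__main__":
    for name, pkt in (("internet UDP", INTERNET_UDP_QUERY),
                      ("internet TCP", INTERNET_TCP_QUERY),
                      ("loopback UDP", LOOKUP := LOOPBACK_UDP_QUERY)):
        print(f"{name:13} original: {verdict(RULESET, pkt)}")
        print(f"{name:13} fixed:    {verdict(FIXED_RULESET, pkt)}")
```

Tracing the internet query through the original chain: the query arrives with destination port 53 and an ephemeral source port, so `-p udp --sport 53` never matches it, it is not RELATED/ESTABLISHED, it is not on lo, and it falls through to the final REJECT. The loopback test only passes because of `-i lo -j ACCEPT`, which is why dig against localhost and the server's own IP looked fine. Two side effects of the original rule are worth knowing: it does nothing useful for the server's own outbound lookups (the RELATED,ESTABLISHED rule already admits those replies), and it accepts any UDP packet to any port as long as the sender sets its source port to 53, which is a well-known way to slip past source-port based filters.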