On Tue, Oct 15, 2002 at 03:18:14PM +0200, Kjetil Andreas Laasby wrote:
> Probably because yahoo.com lies in your local DNS cache or on a cache
> server behind your firewall.
>
> add
> iptables -A OUTPUT -p tcp --destination-port domain -j ACCEPT
> iptables -A OUTPUT -p udp --destination-port domain -j ACCEPT

Note the rules for tcp and udp here; it's worth opening both up in case
your DNS query needs a large reply.

> You should also open up RELATED ICMP to minimize delay for errors.

Seconded.

--
FunkyJesus System Administration Team
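
Why both protocols matter, as an added example that is not part of the original message: a resolver that receives a UDP reply with the truncated (TC) flag set repeats the query over TCP, so a firewall that only allows udp/53 breaks lookups with large answers. The replies below are constructed samples, and the function names are hypothetical.

```python
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
QR_BIT = 0x8000  # message is a response
TC_BIT = 0x0200  # response was truncated to fit the UDP payload limit


def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": ident,
        "is_response": bool(flags & QR_BIT),
        "truncated": bool(flags & TC_BIT),
        "rcode": flags & 0x000F,
        "answers": an,
    }


def needs_tcp_retry(msg: bytes) -> bool:
    """True when the resolver must repeat this lookup over TCP."""
    header = parse_header(msg)
    return header["is_response"] and header["truncated"]


def transport_plan(udp_reply: bytes) -> list:
    """Protocol/port pairs the OUTPUT chain must allow for this lookup."""
    plan = ["udp/53"]  # the first attempt always goes out over UDP
    if needs_tcp_retry(udp_reply):
        plan.append("tcp/53")  # blocked TCP here means the lookup fails
    return plan


def sample_reply(truncated: bool, answers: int) -> bytes:
    """Build a constructed header-only reply (not captured traffic)."""
    flags = 0x8180 | (TC_BIT if truncated else 0)  # QR=1, RD=1, RA=1
    return struct.pack("!6H", 0x1234, flags, 1, answers, 0, 0)


SMALL = sample_reply(truncated=False, answers=1)  # fits in one datagram
LARGE = sample_reply(truncated=True, answers=0)   # server set TC

if __name__ == "__main__":
    for name, reply in (("small", SMALL), ("large", LARGE)):
        print(name, transport_plan(reply))
```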