Tightening up outgoing traffic

On Tuesday 15 October 2002 3:32 pm, Dan Searle wrote:

> > I keep getting "domainname can not be found.  Please check the name and
> > try again" from my browser.  This only happens for new web sites (i.e.,
> > Yahoo works fine).  As this seems somewhat like a DNS issue, I tried
> > adding this:
> >
> > iptables -A OUTPUT -p tcp --destination-port nameserver -j ACCEPT
> >
> > but it didn't work.  Any ideas?  Thanks.
>
> iptables -A OUTPUT -p tcp --dport domain -j ACCEPT
> iptables -A OUTPUT -p udp --dport domain -j ACCEPT
>
> You want to use the service name "domain", not "nameserver",

In my version of /etc/services those are synonymous - 'domain' is the primary 
name of the service, and 'nameserver' is listed as an alias.

> also I think
> domain lookups use the udp protocol also. (Don't quote me on that one :-)

General rule for DNS is:

Client lookup on server uses UDP
Server to server transfers use TCP

Antony.

-- 

Documentation is like sex:
when it's good, it's very very good;
when it's bad, it's still better than nothing.
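The two rules proposed above allow DNS out of a host whose OUTPUT chain otherwise drops traffic. The script below, an added example that is not part of the thread, wraps that idea into a small POSIX sh function: it restricts the DNS allowance to a list of named resolvers, permits both UDP (ordinary lookups) and TCP (resolvers retry over TCP when a UDP answer is truncated), and uses the numeric port 53 rather than a service name so the rule does not depend on how /etc/services spells the alias. The resolver addresses are constructed placeholders; `DRY_RUN` and the `run` helper are this example's own conveniences, not iptables options.

```shell
#!/bin/sh
# Added example, not from the original thread: emit (or apply) egress rules
# that let a host reach only its configured resolvers on port 53, over both
# UDP and TCP. Assumes the OUTPUT chain already has a DROP policy.

# run ARGS...: print the iptables command when DRY_RUN is set, else apply it.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        echo "iptables $*"
    else
        iptables "$@"
    fi
}

# dns_egress_rules RESOLVER...: one OUTPUT rule per resolver and protocol,
# plus a single INPUT rule so the answers are let back in.
dns_egress_rules() {
    for ns in "$@"; do
        for proto in udp tcp; do
            # NEW covers the first packet of a lookup, ESTABLISHED any retry.
            run -A OUTPUT -p "$proto" -d "$ns" --dport 53 \
                -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
        done
    done
    # Replies arrive in the reply direction of a tracked flow.
    run -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# Constructed sample resolvers (RFC 5737 documentation addresses); replace
# them with the nameserver lines from /etc/resolv.conf before applying.
if [ "${0##*/}" = "dns_egress.sh" ]; then
    DRY_RUN=1 dns_egress_rules 192.0.2.53 198.51.100.53
fi
```

Run it with `DRY_RUN=1` first to review the generated rules, then without it (as root) to apply them; because only the listed resolvers are permitted, a process that tries to reach some other address on port 53 is still dropped by the chain's policy, which is the point of tightening outgoing traffic in the first place.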
