1. I have tried both IN and OUT and I am not seeing any error messages or anything *obvious* 2. With those FW rules in place I can do NSLOOKUP on the domain anme with no problems. > Regarding the timeout issue, do as Grant recommended. May be you should > log in OUTPUT too, at least if logging in INPUT will not show the problem. > > Have a nice time, > > Joerg -- Michael Hallager networkStuff ltd www.networkstuff.co.nz | p.09.839.1000 | m.029.638.7883
