> -----Original Message----- > From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx > [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of > Carlos Pastorino > Sent: Saturday, January 14, 2006 6:38 AM > To: netfilter@xxxxxxxxxxxxxxxxxxx > Subject: Fwd: Conntrack and DNS > > No one has any idea about this? > > Thanks, > > Carlos Pastorino > Give me the full output of iptables-save and I'll give it a shot. Although it doesn't seem to be your problem, consider adding TCP port 53 (domain) as well since long DNS replies get sent over TCP. Derick Anderson
