Hi Rob, many thank's for your quick reply. > > From time to time the log rule next to the output section show's this: > > Feb 17 10:59:01 gerry kernel: IPT OUTPUT packet died: IN= OUT=eth0 > > SRC=192.168.0.1 DST=217.89.23.137 LEN=61 TOS=0x00 PREC=0x00 TTL=64 > > ID=19170 DF PROTO=UDP SPT=32769 DPT=53 LEN=41 > These are indeed "some" rules, not all. There are none before these in the > OUTPUT chain that could block outgoing traffic ? (You say you use Oscar's > script but you could have modified it.) I set my filter rules to the original of Oscar Andreason, without any success. > I have not seen your other rules for this chain and assuming there's no DROP > or REJECT or such rule in the chain, why do you even bother to set rules in it > ? It seems you want to allow everything which is the same as policy set to > ACCEPT and no rules in it. it seem's I've found the problem. I had my DSL-Modem router in the /etc/resolv.conf There are no packet's the the time anymore of port 53. -- Best Regards, Mark
