On Tue, Apr 10, 2001 at 08:08:02PM -0400, Doug Alcorn wrote: > ipchains -A output -i $ext_interface -p udp -s $your_ip_address > $unprivaleged_ports -d $nameserver_ip 53 -j ACCEPT > > ipchains -A input -i $external_interface -p udp -s $nameserver_ip 53 > -d $your_ip_address $unprivaleged_ports -j ACCEPT DNS may also use TCP so you should allow this too.
-- Stefan Schweizer