I wanted to let the list know that my DNS server problem is fixed. Changes made were:
(1) Adding new rules, and moving those rules to the beginning of my rules file:

    # Accept traffic belonging to already-tracked connections
    $IPT -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -t filter -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Accept new DNS connections (TCP and UDP port 53), inbound and outbound
    $IPT -t filter -A INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT
    $IPT -t filter -A INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT
    $IPT -t filter -A OUTPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT
    $IPT -t filter -A OUTPUT -m state --state NEW -p udp --dport 53 -j ACCEPT
    # Same for forwarded traffic
    $IPT -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -t filter -A FORWARD -m state --state NEW -p tcp --dport 53 -j ACCEPT
    $IPT -t filter -A FORWARD -m state --state NEW -p udp --dport 53 -j ACCEPT

(2) Removed all entries from add-on scripts generated by Firestarter, namely the allow-all, allow-service-all, allow-service-machine, and deny-all scripts.

Problems I experienced were a result of not having a proper input/output/forward chain for DNS queries, and forgetting about the add-on scripts. (I had added a drop&log rule for China and Korea nets to my deny-all file.)

Thanks to all who responded to my request for assistance.
