On 19 Mar 2011, at 09:05, johhny_at_poland77 wrote:
> Does somebody have an idea what kind of iptables/pf rule I must use to achieve this?:
>
> I only want to allow these connections [on the output chain]:
>
> on port 53 output only allow udp - dns

TCP also needs to be allowed for DNS (to allow for large DNSSEC packets).

Michael
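
A check for the gap the reply points out, as an added example that is not part of the original thread: it reads `iptables-save` output and reports whether the OUTPUT chain accepts both UDP and TCP to port 53. The function names and both rulesets are constructed for illustration, and only plain `-p <proto> --dport 53 -j ACCEPT` rules are recognised (no multiport or port-range matches).

```shell
# Added example: audit an iptables-save dump for DNS egress on both transports.
# Reads the dump on stdin, prints the udp/53 and tcp/53 status of the OUTPUT
# chain, and returns 0 only when both are accepted.
dns_egress_check() {
    awk '
        # Only appended OUTPUT rules are of interest.
        $1 == "-A" && $2 == "OUTPUT" {
            proto = ""; dport = ""; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (target == "ACCEPT" && dport == "53") seen[proto] = 1
        }
        END {
            udp = ("udp" in seen); tcp = ("tcp" in seen)
            printf "udp/53=%s tcp/53=%s\n",
                   (udp ? "allowed" : "missing"), (tcp ? "allowed" : "missing")
            exit !(udp && tcp)
        }
    '
}

# Constructed sample: the ruleset as originally requested (UDP only).
udp_only_rules() {
    cat <<'EOF'
*filter
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: the same ruleset with TCP/53 added, as the reply advises.
udp_tcp_rules() {
    cat <<'EOF'
*filter
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
COMMIT
EOF
}

udp_only_rules | dns_egress_check || true   # reports tcp/53 missing
udp_tcp_rules  | dns_egress_check           # reports both allowed
```

On a live host the same function can be fed with `iptables-save | dns_egress_check`.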