iptables blocks all DNS queries

I have been using CentOS 6, and recently outgoing connections that use a hostname have stopped working. This may be because iptables is blocking all DNS queries, since there is no problem once the firewall is disabled.

    # Generated by iptables-save v1.4.7 on Thu Jul 20 17:40:16 2017
    *mangle
    :PREROUTING ACCEPT [672953:127627705]
    :INPUT ACCEPT [6652:691635]
    :FORWARD ACCEPT [661443:126705426]
    :OUTPUT ACCEPT [7875:3320683]
    :POSTROUTING ACCEPT [598139:125758733]
    COMMIT
    # Completed on Thu Jul 20 17:40:16 2017
    # Generated by iptables-save v1.4.7 on Thu Jul 20 17:40:16 2017

Could the rules above be the cause of this problem?

Output of iptables -L -n -v:

    Chain INPUT (policy DROP 2493 packets, 403K bytes)
     pkts bytes target     prot opt in     out     source               destination
      416 34155 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
        0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
      697 64133 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 21,22,25,80,443,4082,4083,4084,4085,587
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmp type 0
        0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:123
     1228 42752 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmp type 8
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 8443,2087,2086,10000
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpts:5901:7000
        0     0 ACCEPT     all  --  *      *       <some_IP>            0.0.0.0/0
        0     0            tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 state NEW recent: SET name: DEFAULT side: source
        0     0 DROP       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22 state NEW recent: UPDATE seconds: 60 hit_count: 6 name: DEFAULT side: source
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
        1   140 ACCEPT     all  --  *      *       <some_IP>            0.0.0.0/0
        0     0 ACCEPT     all  --  *      *       <some_IP>            0.0.0.0/0
        0     0 ACCEPT     all  --  *      *       <some_IP>            0.0.0.0/0
        0     0 ACCEPT     all  --  *      *       <some_IP>            0.0.0.0/0
        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53

    Chain FORWARD (policy ACCEPT 745K packets, 370M bytes)
     pkts bytes target     prot opt in     out     source               destination
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 2          tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 0          tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
     7554  450K DROP       tcp  --  *      *       0.0.0.0/0            <some_IP>            tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        4   240 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 48         tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 4          tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 33         tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        1    40 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP>            tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        1    40 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP>            tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        2   120 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 54         tcp dpt:25
        4   240 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 53         tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 52         tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 49         tcp dpt:25
        4   240 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP> 51         tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25
        0     0 DROP       tcp  --  *      *       0.0.0.0/0            <some_IP>            tcp dpt:25
        0     0 DROP       tcp  --  *      *       <some_IP>            0.0.0.0/0            tcp dpt:25

    Chain OUTPUT (policy ACCEPT 4522 packets, 880K bytes)
     pkts bytes target     prot opt in     out     source               destination
        3   120 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            multiport sports 25,587
        0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmp type 8
     1228 42752 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0            icmp type 0

The title should probably be changed to:

iptables blocks all DNS responses

because I believe your existing rules block the DNS responses, not the queries.

The rules only allow UDP on the INPUT chain to destination port 123 on the server. You also need to add a similar rule for UDP traffic, but this time from source port 53, to admit the DNS responses from the DNS servers that your server sends its queries to.

Something like this:

    iptables -A INPUT -p udp --sport 53 -j ACCEPT
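Two practical follow-ups to the answer above, as an added example that is not part of the question or the answer. First, the ruleset already has a `state RELATED,ESTABLISHED` rule near the top of INPUT that would normally accept the reply to an outgoing query; its packet counter reads 0 in the listing, so it is worth confirming that DNS replies really are falling through to the chain's DROP policy before adding port-based exceptions. Second, `-p udp --sport 53 -j ACCEPT` with no source address admits any UDP packet from anywhere that carries a forged source port of 53, to any local UDP port; scoping the rule to the resolvers listed in `/etc/resolv.conf` keeps the fix but closes that hole. The helpers below do both. The resolv.conf content and the `iptables -L` header are constructed samples (the 192.0.2.53 and 198.51.100.53 resolver addresses are assumed, not taken from the asker's host); the script only prints the rules it would apply, so it runs without root.

```shell
#!/bin/sh
# Added example, not code from the question or the answer above.
# Helpers: a check that shows whether DNS replies are hitting the INPUT
# chain's DROP policy, and a generator for reply-accepting rules scoped to
# the resolvers in resolv.conf rather than to any packet with source port 53.

# input_policy_drops: read `iptables -L INPUT -n -v` output on stdin and print
# the packet counter of the chain's DROP policy. Run it, send one query with
# `dig @<resolver> example.com`, run it again: if the counter rose, the reply
# was dropped by the policy instead of being accepted by an earlier rule.
input_policy_drops() {
    sed -n 's/^Chain INPUT (policy DROP \([0-9][0-9]*\) packets.*/\1/p'
}

# resolvers: print the IPv4 nameserver addresses from resolv.conf text on
# stdin (IPv6 resolvers would need matching ip6tables rules, not covered here).
resolvers() {
    awk '$1 == "nameserver" && $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $2 }'
}

# dns_reply_rules: print one UDP and one TCP ACCEPT rule per resolver found in
# the resolv.conf text passed as $1. -A appends to INPUT, which is still ahead
# of the chain policy, so the rules take effect; scoping -s to the resolver
# means a packet from anywhere else with a forged source port 53 still falls
# through to DROP. The TCP rule covers truncated replies that retry over TCP.
dns_reply_rules() {
    printf '%s' "$1" | resolvers | while read -r ns; do
        printf 'iptables -A INPUT -p udp -s %s --sport 53 -j ACCEPT\n' "$ns"
        printf 'iptables -A INPUT -p tcp -s %s --sport 53 -j ACCEPT\n' "$ns"
    done
}

# Constructed sample inputs (assumed values, not taken from the asker's host).
SAMPLE_IPTABLES='Chain INPUT (policy DROP 2493 packets, 403K bytes)
 pkts bytes target     prot opt in     out     source               destination
  416 34155 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0'
SAMPLE_RESOLV_CONF='# constructed example resolv.conf
search example.internal
nameserver 192.0.2.53
nameserver 198.51.100.53
options timeout:2
'

# Print the rules that would be applied; review them, then run them as root.
dns_reply_rules "$SAMPLE_RESOLV_CONF"
# On the real host:  iptables -L INPUT -n -v | input_policy_drops
#                    dns_reply_rules "$(cat /etc/resolv.conf)"
```

On the real host, pipe `iptables -L INPUT -n -v` into `input_policy_drops` before and after a single `dig`; a counter that rises by one per query is the confirmation the answer's diagnosis relies on. If the `RELATED,ESTABLISHED` rule's counter also stays at 0 while the box clearly has established TCP sessions, connection tracking itself is not matching and that deserves a look of its own, because every stateful rule in this chain depends on it.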