* David Barnes MSc;
FW_SERVICES_INT_TCP="domain www 3128" FW_SERVICES_INT_UDP="domain" FW_SERVICES_INT_IP="" FW_SERVICES_QUICK_TCP="" FW_SERVICES_QUICK_UDP="" FW_SERVICES_QUICK_IP="" FW_TRUSTED_NETS="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="ftp-data DNS"
DNS in TCP is used only in zone tranfers should it becomes necessary normally you would not put DNS here
FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain ntp"
I would add DNS here. domain means port 53 only when you have DNS then SuSEfirewall2 checks the entries in your /etc/resolv.conf and add the nameservers as permitted sources -- Togan Muftuoglu | Unofficial SuSE FAQ Maintainer | Please reply to the list; http://susefaq.sf.net | Please don't put me in TO/CC. Nisi defectum, haud refiecendum