From Bugzilla Helper: User-Agent: Mozilla/5.0 Galeon/1.2.0 (X11; Linux i686; U;) Gecko/20020509 Description of problem: in the "high" security firewall settings with DHCP, "ifup eth0" will not create additional rules for the name servers. This seems because the "iptables" syntax used in the /etc/sysconfig/network-scripts/ifup is no longer valid, it uses something like "... -m udp ... --sport 53 -p udp". Changing this to "... -p udp -m udp .. --sport 53" makes it work again. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. configure firewall into "high security" (lokkit or on install) 2. use DHCP for eth0 (simulate a BOOT=no situation for eth0): 3. ifdown eth0 4. service iptables restart 5. ifup eth0 Actual Results: DNS replies don't make it through the firewall Expected Results: DNS replies from the DHCP-configured nameserver should be accepted, i.e. a new rule should appear in "iptables -L" Additional info:
This should be fixed in 6.91-1 or later