Still seeing packets

[rds]

That, my friend is a harmless DNS lookup. as in nslookup www.yahoo.com =
<the ip address>.

----- Original Message -----
From: "Patrick Nelson" <pnelson@neatech.com>
To: "Netfilter List (E-mail)" <netfilter@lists.samba.org>
Sent: Tuesday, October 23, 2001 4:08 PM
Subject: Still seeing packets


> So I have rules to block ports 137 and 138 udp on the output of the
external
> interface.  Which seems to have taken care of most of the smb nmb traffic.
>
> I have noticed (using tcpdump -i <external interface>) that when someone
> starts Outlook2K I see a packet go out the external interface of the
> firewall that looks like:
>
> fwsys1.61367 > ns1.domain: 1+ A? WASH.WOODS. (35)
> ns1.domain > fwssy1.61367: 1 NXDomain* 0/1/0 (110)
>
> What is this or better how can I stop it?