I'm trying to set up some firewall rules for allowing SSH, incoming ping, munin, and MySQL between one server and another (all those services are working fine with my rules), but when I apply the rules, I can no longer ping or resolve any DNS (so I can ping 74.125.225.65 but not google.com).
Here are the rules I'm using:
# Accept traffic on localhost:
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow SSH from anywhere:
iptables -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT
# Accept ICMP Ping requests (incoming and outgoing):
iptables -A INPUT -p icmp -j ACCEPT
iptables -A OUTPUT -p icmp -j ACCEPT
# Allow munin from subdomain.example.com:
iptables -I INPUT -p tcp -s 123.23.45.1 --dport 4949 -m state --state NEW,ESTABLISHED -j ACCEPT
# (replies from the local munin node leave from source port 4949, so match --sport, not --dport)
iptables -I OUTPUT -p tcp -d 123.23.45.1 --sport 4949 -m state --state ESTABLISHED -j ACCEPT
# Allow MySQL from subdomain.example.com:
iptables -I INPUT 2 -p tcp -s 123.23.45.1 --dport 3306 -j ACCEPT
iptables -A OUTPUT -p tcp -d 123.23.45.1 --dport 3306 -j ACCEPT
# Drop all other traffic:
iptables -A INPUT -j DROP
resolv.conf, /etc/hosts, etc. are all correct, and if I simply do a $ iptables -F and ping google again, it works fine. Only after the firewall rules are applied do I get ping: unknown host google.com.
You have no rules to allow DNS traffic, so how could it work?
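A ruleset that supplies what the answer says is missing, as an added example rather than the asker's or answerer's code: a stateful ESTABLISHED,RELATED rule on INPUT (which is what lets the resolver's replies back in, since the original chain drops them) plus explicit outbound DNS rules limited to the configured resolver. The resolver address 192.0.2.53 is a constructed placeholder; set RESOLVER to the address in resolv.conf, and set IPT="echo iptables" to print the rules instead of applying them.

```shell
#!/bin/sh
# Same policy as the question, with DNS lookups permitted.
# IPT="echo iptables" gives a dry run; RESOLVER must be the real nameserver.
IPT="${IPT:-iptables}"
RESOLVER="${RESOLVER:-192.0.2.53}"   # constructed placeholder (RFC 5737 range)

apply_rules() {
    $IPT -F INPUT
    $IPT -F OUTPUT
    # Loopback
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A OUTPUT -o lo -j ACCEPT
    # Return traffic for anything this host started: DNS answers, the
    # munin and MySQL replies, etc. This single rule replaces the
    # per-port OUTPUT/ESTABLISHED rules of the original set.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # DNS: queries use UDP/53; large or DNSSEC answers fall back to TCP/53,
    # so allow both, and only towards the resolver we actually use.
    $IPT -A OUTPUT -p udp -d "$RESOLVER" --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    $IPT -A OUTPUT -p tcp -d "$RESOLVER" --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    # Inbound services from the question
    $IPT -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
    $IPT -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
    $IPT -A INPUT -p tcp -s 123.23.45.1 --dport 4949 -m state --state NEW -j ACCEPT
    $IPT -A INPUT -p tcp -s 123.23.45.1 --dport 3306 -m state --state NEW -j ACCEPT
    # Everything else inbound is dropped. Order matters: iptables stops at
    # the first matching rule, so the ACCEPTs above must precede this DROP.
    $IPT -A INPUT -j DROP
}

if [ "${1:-}" = "apply" ]; then
    apply_rules
fi
```

After applying, "dig @192.0.2.53 google.com" (with the real resolver address) and a plain "ping google.com" should both succeed again.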