From 57f8db5aa18584a2355f5f770afbc1f4e918772b Mon Sep 17 00:00:00 2001
From: "bbruns@gmail.com"
Date: Sat, 5 Apr 2014 23:21:55 +0000
Subject: [PATCH]
---
 lib/iptables.inc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/iptables.inc b/lib/iptables.inc
index 3468889..db607d7 100644
--- a/lib/iptables.inc
+++ b/lib/iptables.inc
@@ -207,11 +207,12 @@ function allow_resolvconf_servers {
 ([[ ${IP_VERSION} == "ipv4" ]] && [[ ${Enablev4ConnectionTracking} == "yes" ]]) && use_conntrack="yes"
 ([[ ${IP_VERSION} == "ipv6" ]] && [[ ${Enablev6ConnectionTracking} == "yes" ]]) && use_conntrack="yes"
- ${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Added ${server} to DNS client trusted list"
 if [[ ${use_conntrack} == "yes" ]]; then
+ ${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Added ${server} to conntrack list for DNS traffic"
 ${VER_IPTABLES} -A ${OutPreRules} -p udp -d ${server} --dport 53 ${M_STATE} ${C_STATE} NEW,ESTABLISHED -j ACCEPT
 ${VER_IPTABLES} -A ${InPreRules} -p udp -s ${server} --sport 53 ${M_STATE} ${C_STATE} ESTABLISHED,RELATED -j ACCEPT
 else
+ ${debug} ${DebugColor} "${FUNCNAME}:${DEFAULT_COLOR} Added ${server} to DNS client trusted list"
 ${VER_IPTABLES} -A ${OutPreRules} -p udp -s ${server} --sport 1024:65535 --dport 53 -j ACCEPT
 ${VER_IPTABLES} -A ${InPreRules} -p udp -d ${server} --dport 1024:65535 --sport 53 -j ACCEPT
 #${VER_IPTABLES} -A ${OutPreRules} -p tcp -s ${server} --sport 1024:65535 --dport 53 -j ACCEPT
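Review bot: The message added in the else branch reports `${server}` as a trusted DNS server, but the two rules right below it match the resolver with `-s ${server}` on `${OutPreRules}` and `-d ${server}` on `${InPreRules}`, the reverse of the conntrack branch above. If those chains are the outbound and inbound pre-rules their names suggest, the stateless rules do not cover queries to the resolver or its replies, and the log line overstates what was allowed; the likely intent is `${VER_IPTABLES} -A ${OutPreRules} -p udp -d ${server} --sport 1024:65535 --dport 53 -j ACCEPT` and `${VER_IPTABLES} -A ${InPreRules} -p udp -s ${server} --sport 53 --dport 1024:65535 -j ACCEPT`. Both new debug lines also run before the `${VER_IPTABLES}` calls and say "Added" whether or not the rule was accepted, so logging after a successful append would keep the trace truthful. The body of allow_resolvconf_servers starts and ends outside the hunk, so the origin and validation of `${server}` cannot be checked here.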