Do not fail iptables rules gen on name resolution failure.
Under high load, of course we can have DNS problems. However, perl seems to get stuck on retry; it's like the nak gets cached (which would be extremely odd, but can't argue with the evidence). Anyway, if resolution continues to fail, give up and feed the name to iptables, and let it try :).
Showing with 12 additions and 7 deletions