I'm new to IPtables, but I am trying to setup a secure server to host a website and allow SSH. This is what I have so far:

#!/bin/sh

i=/sbin/iptables

# Flush all rules
$i -F
$i -X

# Setup default filter policy
$i -P INPUT DROP
$i -P OUTPUT DROP
$i -P FORWARD DROP

# Respond to ping requests
$i -A INPUT -p icmp --icmp-type any -j ACCEPT

# Force SYN checks
$i -A INPUT -p tcp ! --syn -m state --state NEW -j DROP

# Drop all fragments
$i -A INPUT -f -j DROP

# Drop XMAS packets
$i -A INPUT -p tcp --tcp-flags ALL ALL -j DROP

# Drop NULL packets
$i -A INPUT -p tcp --tcp-flags ALL NONE -j DROP

# Stateful inspection
$i -A INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT

# Allow established connections
$i -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Allow unlimited traffic on loopback
$i -A INPUT -i lo -j ACCEPT
$i -A OUTPUT -o lo -j ACCEPT

# Open nginx
$i -A INPUT -p tcp --dport 443 -j ACCEPT
$i -A INPUT -p tcp --dport 80 -j ACCEPT

# Open SSH
$i -A INPUT -p tcp --dport 22 -j ACCEPT

However I've locked down my outgoing connections and it means I can't resolve any DNS. How do I allow that? Also, any other feedback is appreciated.

James