diff --git a/src/tsg_action.cpp b/src/tsg_action.cpp
index e07cd15..3aa332e 100644
--- a/src/tsg_action.cpp
+++ b/src/tsg_action.cpp
@@ -954,6 +954,11 @@ static unsigned char tsg_do_deny_action(const struct streaminfo *a_stream, struc
 
 unsigned char tsg_enforing_deny_application(const struct streaminfo *a_stream, struct maat_rule *p_result, enum TSG_PROTOCOL protocol, int app_id, enum ACTION_RETURN_TYPE type, const void *user_data)
 {
+	if(protocol==PROTO_DNS && type==ACTION_RETURN_TYPE_APP && user_data==NULL)
+	{
+		return APP_STATE_GIVEME;
+	}
+
 	struct app_id_dict *dict=(struct app_id_dict *)matched_rule_cites_app_id_dict(g_tsg_maat_feather, (long long)app_id);
 	if(dict==NULL || user_data==NULL)
 	{
@@ -997,6 +1002,11 @@ unsigned char tsg_enforing_deny(const struct streaminfo *a_stream, struct maat_r
 		return ((type==ACTION_RETURN_TYPE_PROT) ? PROT_STATE_DROPME : APP_STATE_GIVEME);
 	}
 
+	if(protocol==PROTO_DNS && type==ACTION_RETURN_TYPE_APP && user_data==NULL)
+	{
+		return APP_STATE_GIVEME;
+	}
+
 	struct maat_compile *maat_compile=(struct maat_compile *)matched_rule_cites_security_compile(g_tsg_maat_feather, p_result->rule_id);
 	if(maat_compile==NULL || maat_compile->user_region==NULL || user_data==NULL)
 	{