> Umm,
> Why don't you just point the Windows machines' DNS settings
> to your Redhat
> box's IP? No rules needed.

Except if he has default policy DROP on the INPUT chain, not having port 53 open. Then you'd need:

# iptables -A INPUT -i <if_lan> -p udp --dport 53 -j ACCEPT

You could also open port 53/tcp but AFAIK it will probably work just fine only using 53/udp.

Rob