I'm trying to configure iptables as strictly as possible; however, I'm having problems with DNS. If I understand correctly how DNS works, the client sends a UDP packet from a high-numbered port to port 53 on the name server. The name server responds with a UDP packet back to that high-numbered port. Is this correct?

I have /etc/resolv.conf containing a nameserver entry. I also have some name servers listed in the forwarders section of /etc/bind/named.conf. Is there a way to configure both bind and the normal name resolver (how does it work???) to always use the same port? Or, do I have to add a rule to the INPUT chain that ACCEPTS anything UDP from the name server? Obviously the name server isn't on the local LAN.

TIA
Malc


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
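Added example, not part of the original message or of any reply to it: a strict iptables rule set for the situation described above (a host whose stub resolver and forwarding bind both send UDP queries from random high ports to remote name servers). Instead of accepting anything UDP from the name server, it lets replies back in by connection state, and restricts outbound queries to port 53 on the configured servers. The server addresses are placeholders, and the script prints the rules rather than applying them so it can be run without root.

```shell
#!/bin/sh
# Added example (not from the original post). Placeholder addresses stand in
# for the nameserver in /etc/resolv.conf and the forwarders in named.conf.
NS1="192.0.2.53"       # placeholder: first forwarder / resolv.conf nameserver
NS2="198.51.100.53"    # placeholder: second forwarder
LAN=""                 # optional, e.g. "192.168.1.0/24" if bind should serve LAN clients

# Print the rules instead of running them; as root, apply with:  dns_rules | sh
dns_rules() {
  echo "iptables -P INPUT DROP"
  echo "iptables -P OUTPUT DROP"
  echo "iptables -A INPUT -i lo -j ACCEPT"
  echo "iptables -A OUTPUT -o lo -j ACCEPT"

  # A reply to a query this host sent is tracked as ESTABLISHED even for UDP:
  # conntrack remembers the (src port, dst 53) pair, so no rule has to know
  # which high port the resolver or bind picked. Unsolicited UDP from the name
  # server does not match and falls through to the DROP policy.
  echo "iptables -A INPUT  -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
  echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"

  for ns in "$NS1" "$NS2"; do
    # Outbound queries only to the configured servers, only to port 53.
    # TCP is included because a truncated UDP answer is retried over TCP.
    echo "iptables -A OUTPUT -p udp -d $ns --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    echo "iptables -A OUTPUT -p tcp -d $ns --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
  done

  # Only if the local bind should answer queries from the LAN.
  if [ -n "$LAN" ]; then
    echo "iptables -A INPUT -p udp -s $LAN --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
    echo "iptables -A INPUT -p tcp -s $LAN --dport 53 -m conntrack --ctstate NEW -j ACCEPT"
  fi
}

# Number of rules that admit traffic to or from port 53 (used for a self-check).
count_dns_rules() {
  dns_rules | grep -c 'dport 53'
}

dns_rules
```

With this approach there is no need to pin the resolver or bind to a fixed source port. The glibc stub resolver has no option for that anyway, and bind's `query-source port` option, while it exists, would give up the source-port randomization that makes cache-poisoning attempts harder to land, so the stateful rule is the better trade.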