I followed the recommendations outlined here: http://www.comptechdoc.org/os/linux/usersguide/linux_ugbasicnet.html for network setup and also for the DNS setup. Everything seems to be in order but the DNS server is just not answering anything on the network. In Fedora 5 the network config files are /etc/sysconfig/network-scripts/ifcfg-ethx (x is the interface number) I set PEERDNS=no and that prevents dhcp from changing the resolv.conf file. So that question is solved. However, DNS still is not answering on my network. > > Add a logging rule just before dropping packets for a given chain. > The policy is initially set to DROP, so I don't really know how I'd do that. The firewall setup is pretty simple. There are a few INPUT rules that allow anything on eth1 and loopback and anything on eth0 where state is ESTABLISHED,RELATED. A FORWARD rule to pass along anything from eth1 and anything ESTABLISHED,RELATED. A few OUTPUT rules for the loopback and local interface ips. And lastly a POSTROUTING in the nat table for MASQUERADE. That's it. (I could post the whole set of rules if it would be helpful.) The initial policy is set to DROP. So I don't really know how to put anything ahead of that. btw - I'm using Fedora Core 5 (runlevel 3 - no GUI installed)