Last friday i added this to my iptables...and it opened up my dns to allow zone transfers. Only problem is that it seemed to screw up the machines behind the firewall. They were unable to use the dns properly to resolve domain names. Is there a better command to allow outgoing and incoming requests like this? # iptables -A INPUT -p udp --sport 53