Does anyone have an idea on how to filter nslookup results from inside a firewall when trying to use an outside DNS server as the source? Basically, if I have a Red Hat 7.2 server running iptables and acting as a NAT server, how could I make it not allow "inside" users to use nslookup or dig without our DNS being the source server?

Thanks for any help or assistance you can lend.