I have been recently trying Sygate Personal Firewall free; however it is a little too good in blocking : when I disable the server rights for applications, no DNS server can be addressed and thus no IPs resolved. This and similar topics are discussed in the sygate forums, but more in a "guessing...try this or that" way, so maybe the experts in here can help: I want to set up a rule to allow DNS resolution for a choice of applications. Is it safe to set up a rule which allows UDP remote port 53/local ports 1024-4999, connections only to the DNS-server ip and for the selected applications, both incoming and outgoing. As for the problem: it works! But is it the safe and best way to set up a DNS rule? Thanks for your help.