Hi Loren,
Had same trouble you had, or at least something similar. I modified the auto generated file /etc/sysconfig/ipchains to the following:
--------------------------------start-------------------------------------------------
# Firewall configuration written by lokkit
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
:input ACCEPT
:forward DENY

utput ACCEPT
# accept local loopback
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
#accept everything on the local netwrok -- eth1 is local, eth0 is external
-A input -s 0/0 -d 0/0 -i eth1 -j ACCEPT
# accept dns servers
-A input -s 123.456.789.987 53 -d 0/0 -p udp -j ACCEPT
-A input -s 123.456.789.65 53 -d 0/0 -p udp -j ACCEPT
#
-A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
-A input -s 0/0 -d 0/0 -p udp -j REJECT
# stop external addresses claiming to me local
-A input -i eth0 -s 192.168.1.0/24 -j DENY
-A forward -s 192.168.1.0/255.255.255.0 -j MASQ
-A forward -i eth0 -s 192.168.1.0/24 -d 0.0.0.0/0 -j MASQ
-A forward -s 0.0.0.0/0 -d 0.0.0.0/0 -l -j DENY
------------------------------------end--------------------------------------------
What this does is run ipchains during the boot up process such that each command run takes its body from a line above. For example, the line "-A input -s 123.456.789.65 53 -d 0/0 -p udp -j ACCEPT" will cause the command "ipchains -A input -s 123.456.789.65 53 -d 0/0 -p udp -j ACCEPT" to be run at startup. I think you need to enter the dns entries. You need to add your dns server ip addresses above to match your isp. The ones in the text are generic place holders.
Good luck,
Allen