I think that the function nslookup simply uses DNS to resolve IP to domain and also reverse so there is nothing specific to be blocked though you can block Port 53 which is used for DNS lookup.
BTW, I you are running transparent proxy then you might block port 53 as transparent proxy also forward port 53.
Try adding this in your NAT script
# This line is to drop TCP port 53
iptables -A INPUT -p tcp -i eth1 --dport 53 -j DROP
NOTE: Here eth1 represent the NIC on which your LAN is connected and in above line we are simply dening any request made on port 53 from local LAN.
But it may or may not work as I am not sure about behavior of this as in general it should stop DNS lookup from function so it means you cannot open site by giving its name but from IP can, on the other hand here you are having transparent proxy then it may or may not work but you have to test.
