1 files changed, 3 insertions, 0 deletions
diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft
index 6b47751f..f8cadc94 100644
--- a/hosts/surtr/ruleset.nft
+++ b/hosts/surtr/ruleset.nft
@@ -79,6 +79,9 @@ table inet filter {
    meta protocol ip6 udp dport 51821 counter accept
    udp dport 60000-61000 counter accept
+    tcp dport 53 counter accept
+    udp dport 53 counter accept
    limit name lim_reject log prefix "drop input: " counter drop
    log prefix "reject input: " counter

diff --git a/hosts/surtr/ruleset.nft b/hosts/surtr/ruleset.nft index 6b47751f..f8cadc94 100644 --- a/hosts/surtr/ruleset.nft +++ b/hosts/surtr/ruleset.nft
@@ -79,6 +79,9 @@ table inet filter {
79	meta protocol ip6 udp dport 51821 counter accept	79	meta protocol ip6 udp dport 51821 counter accept
80	udp dport 60000-61000 counter accept	80	udp dport 60000-61000 counter accept
81		81
		82	tcp dport 53 counter accept
		83	udp dport 53 counter accept
		84
82		85
83	limit name lim_reject log prefix "drop input: " counter drop	86	limit name lim_reject log prefix "drop input: " counter drop
84	log prefix "reject input: " counter	87	log prefix "reject input: " counter