From 6a0fd12cf07df4ee54643f64d34438ce03869a5e Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Tue, 15 Mar 2022 18:35:41 +0100
Subject: yggdrasil-wg: dns

---
 hosts/vidhar/network/ruleset.nft | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'hosts/vidhar/network')

diff --git a/hosts/vidhar/network/ruleset.nft b/hosts/vidhar/network/ruleset.nft
index 0f591f24..4e8341e9 100644
--- a/hosts/vidhar/network/ruleset.nft
+++ b/hosts/vidhar/network/ruleset.nft
@@ -165,8 +165,8 @@ table inet filter {
     iifname { lan, mgmt, dsl, yggdrasil, bifrost } tcp dport 22 counter name ssh-rx accept
     iifname { lan, mgmt, dsl, yggdrasil, bifrost } udp dport 60001-61000 counter name mosh-rx accept
 
-    iifname { lan, mgmt, dmz01 } tcp dport 53 counter name dns-rx accept
-    iifname { lan, mgmt, dmz01 } udp dport 53 counter name dns-rx accept
+    iifname { lan, mgmt, dmz01, yggdrasil } tcp dport 53 counter name dns-rx accept
+    iifname { lan, mgmt, dmz01, yggdrasil } udp dport 53 counter name dns-rx accept
 
     iifname { lan, mgmt, dsl } meta protocol ip udp dport 51820 counter name wg-rx accept
     iifname { lan, mgmt, dsl } meta protocol ip6 udp dport 51821 counter name wg-rx accept
-- 
cgit v1.2.3