19 lines
689 B
Plaintext
19 lines
689 B
Plaintext
&def_service(dns, dns, udp, 53);
|
|
&def_service(dns2, dns, tcp, 53);
|
|
#&def_service(dns, dns1.evenet.dn42, udp, 53);
|
|
&forward_to_service(dns, udp, 53);
|
|
&forward_to_service(dns2, tcp, 53);
|
|
&allow_service_for_all(dns);
|
|
&allow_service_for_all(dns2);
|
|
|
|
chain FORWARD interface $evenet mod pkttype pkt-type (broadcast multicast) ACCEPT;
|
|
|
|
# chain to allow forwarding to the service
|
|
domain ip table filter chain FORWARD {
|
|
@def $dns1_ip4 = @resolve(dns1.evenet.dn42, A);
|
|
@def $dns2_ip4 = @resolve(dns2.evenet.dn42, A);
|
|
@def $ns1_ip4 = @resolve(ns1.evenet.dn42, A);
|
|
@def $ns2_ip4 = @resolve(ns2.evenet.dn42, A);
|
|
daddr ($dns1_ip4 $dns2_ip4 $ns1_ip4 $ns2_ip4) protocol udp dport 53 ACCEPT;
|
|
}
|