From 271eb09669c359cf2f0aaef28065fce2a7385829 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Sun, 19 Jan 2025 16:15:42 +0000
Subject: [PATCH] pf: Open unbound_exporter port for dna-gw hosts

---
 roles/pf/files/pf.conf.gw_home | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/roles/pf/files/pf.conf.gw_home b/roles/pf/files/pf.conf.gw_home
index 077b457..981f783 100644
--- a/roles/pf/files/pf.conf.gw_home
+++ b/roles/pf/files/pf.conf.gw_home
@@ -45,8 +45,9 @@ pass in quick on $ext_if proto tcp from 37.35.86.64/29 to self port ssh
 pass in quick on $ext_if proto tcp from 37.16.96.144/28 to self port ssh
 pass in quick on $ext_if proto tcp from 212.149.228.253/32 to self port ssh
 
-# node_exporter from internal network
+# node_exporter and unbound_exporter from internal network
 pass in quick on $int_if proto tcp from $int_net to self port 9100
+pass in quick on $int_if proto tcp from $int_net to self port 9167
 
 # allow dns queries from internal net
 pass in quick on $int_if proto { tcp, udp } from $int_net to self port domain