Enable DNS over TLS support for local resolvers

Currently uses local CA.
2021-09-29 19:09:58 +00:00 · 2021-09-29 19:09:58 +00:00 · 8bdf278ea6
commit 8bdf278ea6
parent 581484d207
4 changed files with 31 additions and 4 deletions
--- a/roles/pf/files/pf.conf.gw_home
+++ b/roles/pf/files/pf.conf.gw_home
@ -50,6 +50,7 @@ pass in quick on $int_if proto tcp from $int_net to self port 4949

 # allow dns queries from internal net
 pass in quick on $int_if proto { tcp, udp } from $int_net to self port domain
+pass in quick on $int_if proto tcp from $int_net to self port domain-s

 # allow tftp from internal net
 pass in quick on $int_if proto udp from $int_net to self port tftp