From 6bded8cc7ea7d387a26aceb79f05f841c662d4c9 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Sun, 18 Jun 2023 16:59:32 -0400
Subject: [PATCH] Forward port 53 to the public dns server.

---
 ansible/roles/firewall/files/mrmanager_pf.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ansible/roles/firewall/files/mrmanager_pf.conf b/ansible/roles/firewall/files/mrmanager_pf.conf
index 52561ff..3e481e1 100644
--- a/ansible/roles/firewall/files/mrmanager_pf.conf
+++ b/ansible/roles/firewall/files/mrmanager_pf.conf
@@ -30,6 +30,8 @@ rdr pass on jail_nat inet proto tcp from $jail_nat_v4 to $not_jail_nat_v4 port 6
 # nat pass on $not_ext_if proto {tcp, udp} from $not_jail_nat_v4 to 10.215.1.210 port 65099 -> (jail_nat)
 # nat pass on $not_ext_if proto {tcp, udp} from $jail_nat_v4 to 10.215.1.210 port 65099 -> (lagg0)
 
+rdr pass on $ext_if inet proto {tcp, udp} from $not_jail_nat_v4 to $not_jail_nat_v4 port 53 -> 10.215.1.211 port 53
+rdr pass on jail_nat inet proto {tcp, udp} from $jail_nat_v4 to $not_jail_nat_v4 port 53 -> 10.215.1.211 port 53
 
 
 # filtering