diff --git a/resources/resolv-dns/files/nftables.conf b/resources/resolv-dns/files/nftables.conf
index 8123f88..a9e6702 100644
--- a/resources/resolv-dns/files/nftables.conf
+++ b/resources/resolv-dns/files/nftables.conf
@@ -15,6 +15,8 @@ table inet filter {
 		tcp dport 22 accept
 		tcp dport 53 accept
 		udp dport 53 accept
+
+		tcp dport 9167 ip saddr 94.45.254.5 accept comment "allow monitoring access to unbound exporter stats"
 	}
 	chain forward {
 		type filter hook forward priority filter; policy drop;