resolv-dns: add firewall config for exposing metrics to monitoring host

2025-04-18 16:33:20 +02:00 · 2025-04-18 16:33:20 +02:00 · 973e22e267
commit 973e22e267
parent a88233ab0b
1 changed files with 2 additions and 0 deletions
--- a/resources/resolv-dns/files/nftables.conf
+++ b/resources/resolv-dns/files/nftables.conf
@ -15,6 +15,8 @@ table inet filter {
 		tcp dport 22 accept
 		tcp dport 53 accept
 		udp dport 53 accept
+
+		tcp dport 9167 ip saddr 94.45.254.5 accept comment "allow monitoring access to unbound exporter stats"
 	}
 	chain forward {
 		type filter hook forward priority filter; policy drop;