From c9dcf479fce7006cda32456be596c54c5ef80e71 Mon Sep 17 00:00:00 2001
From: Daniel Micay
Date: Tue, 14 Feb 2023 01:19:19 -0500
Subject: [PATCH] allow PowerDNS webserver on loopback for root

---
 nftables-dns.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nftables-dns.conf b/nftables-dns.conf
index 24ea989..16b239f 100644
--- a/nftables-dns.conf
+++ b/nftables-dns.conf
@@ -55,6 +55,8 @@ table inet filter {
 skuid unbound meta l4proto {tcp, udp} th sport 53 th dport >= 1024 accept
 skuid {chrony, geoipupdate} meta l4proto {tcp, udp} th sport >= 1024 th dport 53 accept
+ skuid powerdns meta l4proto tcp th sport 80 th dport >= 1024 accept
+
 skuid != root counter goto output-reject
 accept
 }
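Review bot: The added rule `skuid powerdns meta l4proto tcp th sport 80 th dport >= 1024 accept` is stateless, so it accepts any TCP segment the powerdns user sends from source port 80 to a high port, including a connection it opens itself, not only the webserver's replies. If conntrack is deliberately not used in this chain, excluding bare SYNs would keep the rule to the reply direction, e.g. `skuid powerdns tcp sport 80 tcp dport >= 1024 tcp flags & (syn | ack) != syn accept`; the existing unbound rule just above has the same shape for its TCP half. The "for root" part of the subject is not expressed by this rule: it depends on a non-root client's own packets reaching `skuid != root counter goto output-reject`, which deserves a comment such as `# replies only; non-root clients are stopped by the reject below`. The chain header is outside the hunk, so this assumes the chain is reached only for loopback output and that port 80 matches the configured PowerDNS webserver port.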