1 files changed, 8 insertions, 5 deletions

diff --git a/nixos/modules/router.nix b/nixos/modules/router.nix
index ed634b1..3002d9b 100644
--- a/nixos/modules/router.nix
+++ b/nixos/modules/router.nix
@@ -54,10 +54,9 @@ in {
       firewall = {
         logRefusedConnections = false;
         interfaces = {
-          "home" = {allowedUDPPorts = [67 68];};
-          "guest" = {allowedUDPPorts = [67 68];};
+          "home" = {allowedUDPPorts = [53 67 68];};
+          "guest" = {allowedUDPPorts = [53 67 68];};
         };
-        rejectPackets = true;
         filterForward = true;
       };
       nat = {
@@ -119,7 +118,7 @@ in {
             PoolOffset = cnf.dynIPStart;
             PoolSize = cnf.dynIPCount;
             EmitDNS = "yes";
-            DNS = "1.1.1.1";
+            DNS = "${cnf.lanIP}";
           };
           dhcpServerStaticLeases =
             mapAttrsToList (n: v: {
@@ -150,7 +149,7 @@ in {
             PoolOffset = cnf.dynIPStart;
             PoolSize = cnf.dynIPCount;
             EmitDNS = "yes";
-            DNS = "1.1.1.1";
+            DNS = "192.168.1.1";
           };
           dhcpPrefixDelegationConfig = {
             UplinkInterface = cnf.wan;
@@ -166,6 +165,10 @@ in {
       enable = true;
       dnssec = "true";
       fallbackDns = ["1.1.1.1" "8.8.8.8"];
+      extraConfig = ''
+        DNSStubListenerExtra=${cnf.lanIP}
+        DNSStubListenerExtra=192.168.1.1
+      '';
     };
   };
 }