🔥: remove nsd completely

roles/firewall/templates/firewall.j2

@@ -339,53 +339,6 @@ config redirect
 	option dest_port '64738'
 	option target 'DNAT'
 
-# Allow DNS traffic
-config rule
-	option name 'Allow-INPUT-DNS'
-	option src 'wan'
-	list proto 'tcp'
-	list proto 'udp'
-	option dest 'dmz'
-	option dest_ip '{{ hostvars['dns1.dmz.mateu.be']['ansible_default_ipv6']['address'] }}'
-	option dest_port '53'
-	option target 'ACCEPT'
-	option family 'ipv6'
-
-config redirect
-	option name 'Allow-INPUT-DNS'
-	option src 'wan'
-	option src_dport '53'
-	list proto 'tcp'
-	list proto 'udp'
-	option dest 'dmz'
-	option dest_ip '{{ hostvars['dns1.dmz.mateu.be']['ansible_default_ipv4']['address'] }}'
-	option dest_port '53'
-	option target 'DNAT'
-
-config rule
-	option name 'Allow-OUTPUT-DNS'
-	option src 'dmz'
-	option src_ip '{{ hostvars['dns1.dmz.mateu.be']['ansible_default_ipv4']['address'] }}'
-	list proto 'tcp'
-	list proto 'udp'
-	option dest 'wan'
-	option dest_port '53'
-	option dest_ip '{{ hostvars['nsd-master1.ext.mateu.be']['ansible_default_ipv4']['address'] }}'
-	option target 'ACCEPT'
-	option family 'ipv4'
-
-config rule
-	option name 'Allow-OUTPUT-DNS'
-	option src 'dmz'
-	option src_ip '{{ hostvars['dns1.dmz.mateu.be']['ansible_default_ipv6']['address'] }}'
-	list proto 'tcp'
-	list proto 'udp'
-	option dest 'wan'
-	option dest_port '53'
-	option dest_ip '{{ hostvars['nsd-master1.ext.mateu.be']['ansible_default_ipv6']['address'] }}'
-	option target 'ACCEPT'
-	option family 'ipv6'
-
 # Allow mail traffic
 config rule
 	option name 'Allow-OUTPUT-SMTP'