diff --git a/config-parts/firewall-name.sh b/config-parts/firewall-name.sh
index 3f99040..1531782 100644
--- a/config-parts/firewall-name.sh
+++ b/config-parts/firewall-name.sh
@@ -192,6 +192,10 @@ set firewall name lan-iot rule 999 log 'enable'
 set firewall name lan-local default-action 'drop'
 set firewall name lan-local description 'From LAN to LOCAL'
 set firewall name lan-local enable-default-log
+set firewall name lan-local rule 40 action 'accept'
+set firewall name lan-local rule 40 description 'Rule: accept_dns'
+set firewall name lan-local rule 40 destination port 'domain,domain-s'
+set firewall name lan-local rule 40 protocol 'tcp_udp'
 set firewall name lan-local rule 50 action 'accept'
 set firewall name lan-local rule 50 description 'Rule: accept_dhcp'
 set firewall name lan-local rule 50 destination port '67,68'