Не могу понять почему input drop на pppoe-out интерфейсе режет dns релей? Ни на одном роутере такого не видел. estabilished и related разрешены. (ага гоню, -P INPUT перепутал с -A INPUT)
0 ;;; default configuration
chain=input action=accept protocol=icmp log=no log-prefix=""
1 chain=input action=accept protocol=tcp in-interface=pppoe-out1 dst-port=8291 log=no log-prefix=""
2 ;;; default configuration
chain=forward action=accept connection-state=established,related log=no log-prefix=""
3 chain=input action=accept protocol=udp in-interface=pppoe-out1 dst-port=4500 log=no log-prefix=""
4 chain=input action=accept protocol=udp in-interface=pppoe-out1 dst-port=500 log=no log-prefix=""
5 chain=input action=accept protocol=ipsec-esp in-interface=pppoe-out1 log=no log-prefix=""
6 chain=input action=accept protocol=udp src-address=8.8.8.8 in-interface=pppoe-out1 log=no log-prefix=""
7 chain=input action=accept protocol=udp src-address=8.8.4.4 in-interface=pppoe-out1 log=no log-prefix=""
8 chain=input action=accept protocol=udp src-address=81.22.204.35 in-interface=pppoe-out1 log=no log-prefix=""
9 chain=input action=accept protocol=udp src-address=81.23.144.250 in-interface=pppoe-out1 log=no log-prefix=""
10 ;;; default configuration
chain=input action=drop connection-state=established,related log=no log-prefix=""
