Firewall

Did anyone set up a firewall on the Raspberry to protect the DNS server?
I'm running Ubuntu Mate and was thinking about doing that, but was worried about possible future conflicts.

I think it isn't necessary when you are using it in your LAN.
But if you set up a firewall, you have to be sure that you have opened the DNS ports (53 tcp and udp), the HTTP port (80 tcp) and the SSH port (22 tcp, so that you don't lock yourself out of the Raspberry) for incoming connections. When you're running other stuff on your Raspberry too, these programs eventually need other open ports too.

If you want to go all out, you install fwbuilder on your box to set up iptables rules and routing:

apt-get install fwbuilder

Export your display to an X-windows capable PC or laptop:

export DISPLAY=<IP_OF_YOUR_X_WINDOWS_CAPABLE_PC_OR_LAPTOP>:0.0

And boot up fwbuilder:

fwbuilder

Or choose out of the many firewall packages:

apt-cache search firewall

After some painful attempts at setting up a firewall with ufw — I've now disabled it.

Unfortunately, ufw's default before rules prohibit broadcasts: before.rules\conf - ufw - [no description]

Given that my Pi-hole offers DNS & DHCP (& SLAAC + RA), and as such has an IPv6 address, I'd much rather lock it down. But I might have to resort to raw iptables!
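
The ports listed in the first reply (53 tcp/udp, 80 tcp, 22 tcp), plus DHCP for a Pi-hole that also hands out leases, written as a raw iptables ruleset. This is an added example, not part of any post in the thread; the subnet 192.168.1.0/24 and the interface eth0 are assumed values, and it covers IPv4 only (an IPv6 setup with SLAAC/RA needs a separate ip6tables ruleset).

```shell
#!/bin/sh
# Added example: prints an IPv4 ruleset in iptables-restore format for a
# Pi-hole host. It only generates text; nothing is loaded into the kernel.
LAN="${LAN:-192.168.1.0/24}"   # assumed LAN subnet (constructed sample value)
IFACE="${IFACE:-eth0}"         # assumed LAN-facing interface
WITH_DHCP="${WITH_DHCP:-yes}"  # "no" if the Pi-hole is not the DHCP server

pihole_rules() {
    # Default-drop inbound, then allow only what the thread lists.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $IFACE -s $LAN -p tcp --dport 22 -j ACCEPT
-A INPUT -i $IFACE -s $LAN -p udp --dport 53 -j ACCEPT
-A INPUT -i $IFACE -s $LAN -p tcp --dport 53 -j ACCEPT
-A INPUT -i $IFACE -s $LAN -p tcp --dport 80 -j ACCEPT
EOF
    if [ "$WITH_DHCP" = "yes" ]; then
        # A client without a lease sends from 0.0.0.0 to the broadcast
        # address, so this rule cannot be limited to -s $LAN.
        echo "-A INPUT -i $IFACE -p udp --sport 68 --dport 67 -j ACCEPT"
    fi
    echo "COMMIT"
}

# Guard against locking yourself out: the ruleset must still accept SSH.
has_ssh_rule() {
    pihole_rules | grep -q -- '-p tcp --dport 22 -j ACCEPT'
}

if has_ssh_rule; then
    pihole_rules
else
    echo "refusing to print a ruleset without an SSH rule" >&2
fi
```

The output can be checked with `iptables-restore --test` before it is loaded.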