allow clients to resolve DNS (i.e. query knot-resolver)
without this fix, DNS doesn't work, so clients can browse to any ip address like https://1.1.1.1 and some apps like Signal work (which workaround broken DNS) but anything else is "broken"
without this fix, DNS doesn't work, so clients can browse to any ip address like https://1.1.1.1 and some apps like Signal work (which workaround broken DNS) but anything else is "broken"