block DNS traffic at the OpenVPN gateway

There are many different edge cases where mac and windows clients (and maybe android too) will revert to using a different DNS server than the one specified by openvpn.

This is bad news for security reasons. Eventually, we want to make a proper fix on the client so that it doesn't have DNS leakage. For now, lets just block port 53 on the gateways firewall so that we can ensure that no leakage happens. Obviously, we don't want to block access to the DNS server running on the gateway itself, just egress traffic.

(from redmine: created on 2013-10-16, closed on 2014-05-08)