OPNsense Forum

English Forums => General Discussion => Topic started by: brzoza on September 17, 2024, 04:22:54 PM

Title: Unbound blocklist with leaking DNS?
Post by: brzoza on September 17, 2024, 04:22:54 PM
I configured my router to have all traffic routed via a WireGuard VPN.
I added some blocklists to Unbound DNS, but I am having difficulty getting it to work properly.
I tried two different rules:

1) LAN    TCP/UDP    *    *    ! LAN address    53 (DNS)    127.0.0.1    53 (DNS)
With the above rule all DNS queries seem to go through the VPN, but my Unbound DNS blocklists are ignored.

2) LAN    TCP/UDP    *    *    LAN address    53 (DNS)    127.0.0.1    53 (DNS)
With this setup my blocklists are working fine, but all DNS queries go via WAN, resulting in a DNS leak.

Could someone please point me in the right direction here?