I have this rule to block DNS servers on the local network, but there is a device that acts as a DNS server and I want it not to be affected.
Until now I used another rule to allow forwarding to wan from that device, but it seems more convenient and tidy to have everything in the same firewall rule.
root@enrutador:~# cat /etc/config/firewall
config rule
option src 'lan'
option dest 'wan'
option target 'ACCEPT'
option name 'Allow DNS servers for AdGuardHome'
list src_ip '192.168.1.93'
option dest_port '53 853'
config rule
option name 'Block DNS servers on lan'
option src 'lan'
option dest 'wan'
option dest_port '53 853'
option target 'DROP'