diff --git a/src/lib/firewall.ts b/src/lib/firewall.ts
index c1c28f6b..e2a5b581 100644
--- a/src/lib/firewall.ts
+++ b/src/lib/firewall.ts
@@ -56,12 +56,19 @@ const standardServices: iptables.Rule[] = [
 		target: 'ACCEPT',
 	},
 	{
-		comment: 'DNS',
+		comment: 'DNS from balena0',
 		action: iptables.RuleAction.Append,
 		proto: 'udp',
 		matches: ['--dport 53', '-i balena0'],
 		target: 'ACCEPT',
 	},
+	{
+		comment: 'DNS from custom Engine networks',
+		action: iptables.RuleAction.Append,
+		proto: 'udp',
+		matches: ['--dport 53', '-i br+'],
+		target: 'ACCEPT',
+	},
 ];
 
 const standardPolicy: iptables.Rule[] = [